Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Zugriff auf GMX durch dritte. Trojaner o.ä.?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.05.2015, 19:01   #1
TattooPanda
 
Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



Hallo Helfer!

Problem :
Heute eine E-Mail bekommen von GMX mit dem Inhalt:

"GMX Sicherheit: Vorsorgliche Sicherheitssperre Ihres GMX Postfachs
Unsere automatisierten Sicherheitssysteme haben Unregelmäßigkeiten beim Zugriff auf Ihr GMX Postfach festgestellt.
Zu Ihrem persönlichen Schutz haben wir vorsorglich Ihr Postfach gesperrt. Daher werden wir Sie beim nächsten Login auffordern, Ihr Passwort zu ändern."


Ich weiß nun nicht, ob wirklich jmd Zugriff hatte
Hab direkt das PW geändert. Ich rufe Emails nur über Thunderbird ab, habe dort auch das PW gespeichert.
Ich nutze nirgendwo anders dieses Pw, auch nicht in ähnlicher Form und rufe die Mails auch nicht über mein Handy ab.
Wie gesagt, ausschliesslich Thunderbird. Dort ist das PW aber eben auch gespeichert.
Ist das Sicherheitstechnisch bedenklich und ich gebe die in Zukunft lieber per Hand ein?

Gmer stürzt ab???
Edit: Im abgesicherten Modus läuft GMER und meldet "
GMER hasn't found any system modification"
Wieso schmiert mir das im normalen Modus ab? -_-

Defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:57 on 22/05/2015 (Ash)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
         
FRST :
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Ash (administrator) on ASH-PC on 22-05-2015 02:26:12
Running from C:\Users\Ash\Desktop
Loaded Profiles: Ash (Available profiles: Ash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(www.counter-strike.de - MUff[99]) C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gammacontrol.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(E.W.E.-Software) C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvtip.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\Run: [TVTip] => C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvstart.exe [102400 2012-01-24] (E.W.E.-Software)
HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\MountPoints2: {4f80c3ff-e756-11e4-9c22-ac220bc62429} - J:\iStudio.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-01-06] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-01-06]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gammacontrol.exe [2015-02-02] (www.counter-strike.de - MUff[99])
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Extension: Session Manager - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-01-11]
FF Extension: Video DownloadHelper - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Adblock Plus - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12]

Chrome: 
=======
CHR Profile: C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-02]
CHR Extension: (AdBlock) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-02]
CHR Extension: (Bookmark Manager) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Session Manager) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc [2015-02-02]
CHR Extension: (Google Wallet) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-09-18] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe [1690424 2013-09-18] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [368640 2013-06-26] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-11] ()
R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [311424 2014-09-15] (SplitCam Co.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [804992 2013-06-05] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-11] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-31] (Intel Corporation)
R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [41304 2014-04-10] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-01] (Intel Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corporation                           )
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2039-01-10 04:41 - 2015-04-10 03:41 - 00000000 _____ () C:\Users\Ash\AppData\Local\{86B65B10-9008-48B5-8480-F7F2990BB5CA}
2015-05-22 02:26 - 2015-05-22 02:26 - 00017165 _____ () C:\Users\Ash\Desktop\FRST.txt
2015-05-22 01:57 - 2015-05-22 01:57 - 00000538 _____ () C:\Users\Ash\Desktop\defogger_disable.log
2015-05-22 01:57 - 2015-05-22 01:57 - 00000168 _____ () C:\Users\Ash\defogger_reenable
2015-05-22 01:57 - 2015-05-22 01:56 - 02108416 _____ (Farbar) C:\Users\Ash\Desktop\FRST64.exe
2015-05-22 01:57 - 2015-05-22 01:56 - 00380416 _____ () C:\Users\Ash\Desktop\Gmer-19357.exe
2015-05-22 01:57 - 2015-05-22 01:56 - 00050477 _____ () C:\Users\Ash\Desktop\Defogger.exe
2015-05-22 01:47 - 2015-05-22 02:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-05-22 00:55 - 2015-05-22 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-22 00:24 - 2015-05-22 00:24 - 00000000 ____D () C:\Users\Ash\Desktop\big ones
2015-05-22 00:19 - 2015-05-22 00:19 - 10382526 _____ () C:\Users\Ash\Desktop\Skills Kodie Movies.mp4
2015-05-22 00:18 - 2015-05-22 00:20 - 32583415 _____ () C:\Users\Ash\Desktop\Birthday present Kodie Movies.mp4
2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Users\Ash\AppData\Local\Ubisoft Game Launcher
2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-14 02:39 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 02:39 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:36 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:36 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:36 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 13:36 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 13:36 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:36 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 13:36 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 13:36 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 13:36 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:36 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:36 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 13:36 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:36 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 13:36 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 13:36 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 13:36 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:36 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:36 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 13:36 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 13:36 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 13:36 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:36 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 13:36 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 13:36 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:36 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 13:36 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 13:36 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:36 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 13:36 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 13:36 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:36 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 13:36 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:36 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 13:36 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:36 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:36 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 13:36 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 13:36 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 13:36 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:36 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 13:36 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 13:36 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:36 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 13:36 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 13:36 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 13:36 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:36 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 13:36 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:36 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 13:36 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:36 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:36 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:36 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:36 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:36 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:36 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 13:36 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:36 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:36 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 13:36 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:36 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:36 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 13:36 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:36 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:34 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:34 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 13:34 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 13:34 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 13:34 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 13:34 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 13:34 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 13:34 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 13:34 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 13:34 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 13:34 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 13:34 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 13:34 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 13:34 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 13:34 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 13:34 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 13:34 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 13:34 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 13:34 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 13:34 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 13:34 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 13:34 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 13:34 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 13:34 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 13:34 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 13:34 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 13:34 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 13:34 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 13:34 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:34 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 13:34 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 13:34 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:34 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:34 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:34 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:34 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:34 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:34 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:34 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 13:34 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 13:34 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 13:34 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 13:34 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 13:34 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:34 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 13:34 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 13:34 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 13:34 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:34 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 13:34 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 13:34 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:34 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 22:59 - 2015-05-12 22:59 - 00001720 _____ () C:\Users\Public\Desktop\Stellarium.lnk
2015-05-11 00:46 - 2015-05-11 00:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2015-05-10 18:11 - 2015-05-10 18:11 - 00000000 ____D () C:\Users\Ash\AppData\Local\Darksiders
2015-05-10 18:10 - 2015-05-11 00:46 - 00003866 _____ () C:\Windows\DirectX.log
2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-05-10 16:32 - 2015-05-10 16:32 - 00000579 _____ () C:\Users\Ash\Desktop\TERA.lnk
2015-05-10 16:32 - 2015-05-10 16:32 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TERA
2015-05-10 16:30 - 2015-05-20 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-10 16:30 - 2015-05-10 16:30 - 00000541 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2015-05-10 16:30 - 2015-05-10 16:30 - 00000000 ____D () C:\Users\Ash\AppData\Local\Gameforge4d
2015-05-09 20:42 - 2015-05-09 20:42 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-09 20:42 - 2015-05-09 20:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-09 20:41 - 2015-05-09 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-05-09 19:36 - 2015-05-21 23:36 - 00008546 _____ () C:\Windows\setupact.log
2015-05-09 19:36 - 2015-05-09 19:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-08 19:45 - 2015-05-10 16:20 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-08 19:45 - 2015-05-08 19:45 - 00000000 ____D () C:\Users\Ash\AppData\Local\TERA
2015-05-07 00:14 - 2015-05-07 00:14 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\RunningWithScissors
2015-05-05 00:37 - 2015-05-05 00:37 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Speedball2_steam
2015-05-04 15:53 - 2015-05-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-04 14:18 - 2015-05-04 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRON 2.0 Killer App Mod
2015-05-04 14:17 - 2015-05-04 14:17 - 00000000 ____D () C:\Windows\TRON 2.0 Killer App Mod
2015-05-03 17:55 - 2015-05-03 17:55 - 00286720 _____ (Indigo Rose Corporation) C:\Windows\iun507.exe
2015-05-03 17:55 - 2015-05-03 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buena Vista Interactive
2015-05-03 14:46 - 2015-05-04 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roccat
2015-05-03 14:46 - 2015-05-03 14:46 - 00000000 ____D () C:\Users\Ash\Documents\ROCCAT Savu
2015-05-02 15:29 - 2015-05-02 15:29 - 00002115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk
2015-05-01 20:23 - 2015-05-01 20:23 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Ponscripter
2015-04-30 16:26 - 2015-04-30 16:26 - 00000000 ____D () C:\Users\Ash\Documents\4a games
2015-04-28 15:11 - 2015-04-28 15:11 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-28 15:11 - 2015-04-28 15:11 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 00:23 - 2015-04-28 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 02:26 - 2015-02-13 00:29 - 00000000 ____D () C:\FRST
2015-05-22 02:25 - 2015-02-02 19:53 - 00006438 _____ () C:\Users\Ash\Desktop\Neues Textdokument.txt
2015-05-22 02:11 - 2015-01-06 18:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 02:01 - 2015-01-11 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-22 01:59 - 2015-02-03 03:10 - 00000000 ____D () C:\Program Files (x86)\Jdownloader
2015-05-22 01:57 - 2015-01-06 18:09 - 00000000 ____D () C:\Users\Ash
2015-05-22 01:53 - 2015-01-11 17:38 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TS3Client
2015-05-22 00:10 - 2015-03-13 23:39 - 00000671 _____ () C:\Users\Ash\.swfinfo
2015-05-21 23:47 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-05-21 23:47 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-05-21 23:47 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-21 22:29 - 2015-01-06 18:09 - 01921666 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 20:11 - 2015-01-06 18:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 15:42 - 2015-01-11 17:12 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\vlc
2015-05-21 14:19 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 14:19 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 14:11 - 2015-02-28 02:25 - 00000000 ____D () C:\Users\Ash\AppData\Local\LogMeIn Hamachi
2015-05-21 14:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 02:17 - 2015-04-04 16:54 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 02:17 - 2015-04-04 16:54 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 01:12 - 2015-01-06 18:57 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 13:11 - 2015-04-12 16:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-16 20:28 - 2015-01-11 17:34 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-16 20:28 - 2015-01-11 17:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-16 15:00 - 2015-02-02 19:35 - 00000000 ____D () C:\Users\Ash\Documents\Eigene PSP-Dateien
2015-05-15 20:06 - 2015-01-06 18:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 20:06 - 2015-01-06 18:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 18:31 - 2015-01-11 16:35 - 00000000 ____D () C:\Users\Ash\AppData\Local\Adobe
2015-05-15 18:27 - 2015-01-11 16:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-15 18:27 - 2015-01-11 16:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-14 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 14:21 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 14:21 - 2009-07-14 06:45 - 00310760 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 14:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 02:42 - 2015-01-06 19:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-14 02:40 - 2015-01-06 19:04 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 23:04 - 2015-02-03 21:59 - 00000000 ____D () C:\Users\Ash\AppData\Local\CrashDumps
2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Stellarium
2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Ash\AppData\Local\stellarium
2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Program Files\Stellarium
2015-05-12 22:59 - 2015-01-11 15:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-12 17:26 - 2015-02-13 20:25 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TeamViewer
2015-05-11 00:58 - 2015-03-22 03:10 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-11 00:58 - 2015-03-05 04:38 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-11 00:58 - 2015-03-05 04:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-11 00:51 - 2015-03-22 03:10 - 00000000 ____D () C:\Users\Ash\AppData\Local\PunkBuster
2015-05-11 00:51 - 2015-03-05 04:38 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-10 18:11 - 2015-02-02 19:55 - 00000000 ____D () C:\Users\Ash\Documents\My Games
2015-05-10 17:38 - 2015-02-27 00:44 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-10 13:16 - 2015-01-11 15:47 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-05-09 18:55 - 2015-03-23 03:19 - 00000000 ____D () C:\AdwCleaner
2015-05-09 18:45 - 2015-01-11 18:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-09 01:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-05 15:35 - 2015-01-06 18:51 - 00070928 _____ () C:\Users\Ash\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-04 16:00 - 2015-01-06 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-02 15:29 - 2015-04-20 23:59 - 00000000 ____D () C:\Users\Ash\Knuddels
2015-05-02 01:07 - 2015-02-22 00:45 - 00000000 ____D () C:\Users\Ash\Documents\AVerTV
2015-05-01 18:51 - 2015-02-11 16:43 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-02-11 16:43 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-02-11 16:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-02-11 16:43 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-04-28 15:11 - 2015-04-12 16:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-28 15:11 - 2015-04-12 16:35 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-25 23:35 - 2015-02-08 18:06 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2015-03-09 17:24 - 2015-04-02 13:44 - 0099384 _____ () C:\Users\Ash\AppData\Roaming\inst.exe
2015-03-09 17:24 - 2015-04-02 13:44 - 0007859 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.cat
2015-03-09 17:24 - 2015-04-02 13:44 - 0001167 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.inf
2015-03-09 17:24 - 2015-04-02 13:44 - 0000055 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.log
2015-03-09 17:24 - 2015-04-02 13:44 - 0082816 _____ (VSO Software) C:\Users\Ash\AppData\Roaming\pcouffin.sys
2015-03-14 01:10 - 2015-03-14 01:10 - 0119839 _____ () C:\Users\Ash\AppData\Local\242322F9_stp.CIS
2015-03-14 01:10 - 2015-03-14 01:10 - 0000306 _____ () C:\Users\Ash\AppData\Local\242322F9_stp.CIS.part
2015-03-14 01:10 - 2015-03-14 01:10 - 0120135 _____ () C:\Users\Ash\AppData\Local\48FD097A_stp.CIS
2015-03-14 01:10 - 2015-03-14 01:10 - 0000290 _____ () C:\Users\Ash\AppData\Local\48FD097A_stp.CIS.part
2015-03-14 01:10 - 2015-03-14 01:10 - 0385602 _____ () C:\Users\Ash\AppData\Local\5D515C96_stp.CIS
2015-03-14 01:10 - 2015-03-14 01:10 - 0000220 _____ () C:\Users\Ash\AppData\Local\5D515C96_stp.CIS.part
2015-04-04 23:04 - 2015-04-04 23:05 - 0003072 _____ () C:\Users\Ash\AppData\Local\file__0.localstorage
2039-01-10 04:41 - 2015-04-10 03:41 - 0000000 _____ () C:\Users\Ash\AppData\Local\{86B65B10-9008-48B5-8480-F7F2990BB5CA}
2015-01-06 18:20 - 2015-01-06 18:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 15:59

==================== End of log ============================
         

Alt 22.05.2015, 19:22   #2
TattooPanda
 
Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Ash at 2015-05-22 02:26:27
Running from C:\Users\Ash\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3066379646-2778961134-1701944576-500 - Administrator - Disabled)
Ash (S-1-5-21-3066379646-2778961134-1701944576-1000 - Administrator - Enabled) => C:\Users\Ash
Gast (S-1-5-21-3066379646-2778961134-1701944576-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 (HKLM\...\UDK-32dac49c-f0b5-4444-8b4e-b3325eda5fa7) (Version:  - RuneStorm
ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.3.168 - ACD Systems International Inc.)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version:  - Spicy Horse Games)
Allied Intent Xtended 2.0 (HKLM-x32\...\Allied Intent Xtended) (Version: 2.0 - AIX Community)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVerMedia A835 USB DVB-T 2.3.64.28 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 2.3.64.28 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.26 - AVerMedia Technologies, Inc.)
AVerTV 3D (x32 Version: 6.5.2.26 - AVerMedia Technologies, Inc.) Hidden
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BF2SP64 (HKLM-x32\...\BF2SP64) (Version:  - )
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-375CW (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Carnage Racing (HKLM-x32\...\Steam App 228940) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Messiah of Might & Magic Multi-Player (HKLM-x32\...\Steam App 2130) (Version:  - Arkane Studios)
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version:  - Arkane Studios)
Darksaber's Ultimate Craft Pack (HKLM-x32\...\Darksaber's Ultimate Craft Pack) (Version: 2.2.1.4 - Darksaber's X-Wing Station)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVGA PrecisionX 16 (HKLM-x32\...\Steam App 268850) (Version:  - EVGA)
FlatOut 2 (HKLM-x32\...\Steam App 2990) (Version:  - Bugbear Entertainment)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Free Video Editor version 1.4.11.301 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.11.301 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.)
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - Ubisoft Montpellier)
Gameforge Live 2.0.7 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.7 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)
Hacker Evolution Duality (HKLM-x32\...\Steam App 70120) (Version:  - exosyphen studios)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version:  - Crystal Shard)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - Final Form Games)
Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version:  - Behold Studios)
Knuddels Desktop App (HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App")
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Macro Recorder 5.7.8 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.8 - Jitbit Software)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Narcissu 1st & 2nd (HKLM-x32\...\Steam App 264380) (Version:  - stage-nana)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.7 - Black Tree Gaming)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oil Rush (HKLM-x32\...\Steam App 200390) (Version:  - Unigine Corp.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Penguins Arena: Sedna's World (HKLM-x32\...\Steam App 11280) (Version:  - Frogames)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
POSTAL (HKLM-x32\...\Steam App 232770) (Version:  - Running With Scissors)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rochard (HKLM-x32\...\Steam App 107800) (Version:  - Recoil Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SCARFACE: THE WORLD IS YOURS (HKLM-x32\...\InstallShield_{50A1E01F-21A4-4FB9-B0BA-76CEB5D8D5F5}) (Version: 1.00.0000 - Sierra Entertainment)
SCARFACE: THE WORLD IS YOURS (x32 Version: 1.00.0000 - Sierra Entertainment) Hidden
Scarface: The World is Yours Patch (HKLM-x32\...\InstallShield_{9BA745ED-5748-4303-AE0C-78991809DD68}) (Version: 1.02.00 - Sierra Entertainment)
Scarface: The World is Yours Patch (x32 Version: 1.02.00 - Sierra Entertainment) Hidden
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - MinMax Games Ltd.)
Speedball 2 HD (HKLM-x32\...\Steam App 251690) (Version:  - Vivid Games)
SplitCam (HKLM-x32\...\SplitCam) (Version: 6.9.4.1 - SplitCam Co)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars X-Wing Alliance DE (HKLM-x32\...\{7AD8FE70-1A35-492C-9AA8-E9F9C1833040}) (Version: 1.0.0.0 - LucasArts, Totally Games)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.13.3 (HKLM\...\Stellarium_is1) (Version: 0.13.3 - Stellarium team)
Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version:  - Rogue Entertainment)
Superfrog HD (HKLM-x32\...\Steam App 234000) (Version:  - Team17 Digital Ltd)
Swords and Soldiers HD (HKLM-x32\...\Steam App 63500) (Version:  - Ronimo Games)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Tesla Effect (HKLM-x32\...\Steam App 261510) (Version:  - Big Finish Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version:  - Most Wanted Entertainment)
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Tron 2.0 (HKLM-x32\...\Steam App 327740) (Version:  - Monolith Productions, Inc.)
TRON 2.0 v1.042 Update (HKLM-x32\...\TRON 2.0 v1.042 Update) (Version:  - )
TRON 2.0: Killer App Mod (HKLM-x32\...\Killer App Mod) (Version: v1.1a - LDSO and Killer App Mod Team)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
TV Movie ClickFinder (HKLM-x32\...\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}) (Version: 1.00.0000 - TV Movie)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vessel (HKLM-x32\...\Steam App 108500) (Version:  - Strange Loop Games)
Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.62 - VSO Software)
VSO ConvertXtoVideo Ultimate 1 (HKLM-x32\...\{{ECDB800F-E1F0-48FE-B393-E12E40CD3A89}_is1) (Version: 1.5.0.36 - VSO Software)
VSO Downloader 4.2.6.2 (HKLM-x32\...\{A0D0BA9E-F1A6-44FF-AA14-03ED96B3D56D}_is1) (Version: 4.2.6.2 - VSO Software)
VSO EVE Network Driver version 1.0.0.27 (HKLM-x32\...\{AC0AFDC9-4FB1-44FE-B3E1-82300BF3D756}_is1) (Version: 1.0.0.27 - VSO Software)
Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version:  - Ubisoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Wings of Prey (HKLM-x32\...\Steam App 45300) (Version:  - Gaijin Entertainment)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
Worms Crazy Golf (HKLM-x32\...\Steam App 70620) (Version:  - Team17 Software Ltd.)
XMedia Recode Version 3.2.2.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.2.4 - XMedia Recode)
yuPlay client 0.7.40 (HKLM-x32\...\yuPlay клиент_is1) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

14-05-2015 02:39:38 Windows Update
19-05-2015 12:18:03 Windows Update
21-05-2015 02:16:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-04 14:19 - 00000903 ___RA C:\Windows\system32\Drivers\etc\hosts
65.112.87.186 tron20.master.gamespy.com
65.112.87.186 tron20.ms9.gamespy.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {160E2F40-C2F6-4674-82D5-4AE6461350AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-28] (Avast Software s.r.o.)
Task: {490AEBC7-0393-4EF3-A238-A46B3071DDBD} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DipAwayMode.exe [2013-09-18] ()
Task: {4B87D5B4-7443-46D8-9871-3917C52E33A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {54F7257B-879B-4A5A-B6D7-8920F736D1A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {6596BD2A-F3C7-49F5-A8DD-09238F492D1E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {67B55842-72A9-47A4-BF83-196B8B433666} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {771C634C-317C-456E-80CB-4F56F0A36B6D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {7CDA4C3C-A9F4-47BD-B6F1-50C6E85008B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {EE8811AF-D321-43B4-8972-90F358C5A00E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {F1F1533A-C471-4BEC-B072-472D70C2E644} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-16 17:02 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-01-06 18:45 - 2014-04-08 10:43 - 00847360 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2015-01-11 15:56 - 2012-09-25 12:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-01-06 18:21 - 2013-05-07 16:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-01-06 20:48 - 2013-09-18 11:18 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DipAwayMode.exe
2015-01-11 15:50 - 2011-04-01 15:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2015-01-11 15:50 - 2013-01-09 17:05 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2015-03-05 04:38 - 2015-05-11 00:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-11 15:56 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-04-28 15:11 - 2015-04-28 15:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-28 15:11 - 2015-04-28 15:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-21 22:12 - 2015-05-21 22:12 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052101\algo.dll
2015-05-04 15:53 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-01-06 18:45 - 2014-04-08 10:42 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-01-06 18:45 - 2014-04-08 10:42 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2015-01-06 18:45 - 2014-04-08 10:42 - 00298496 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll
2015-01-11 15:56 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-04-12 16:35 - 2015-04-12 16:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-06 18:21 - 2015-05-21 14:11 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-01-06 18:21 - 2013-05-07 16:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-01-06 20:48 - 2013-09-18 11:18 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-01-06 20:48 - 2013-09-18 11:18 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4EpuAction.dll
2015-01-06 20:48 - 2013-09-18 11:18 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4FanAction.dll
2015-01-06 20:48 - 2013-09-18 11:18 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-01-06 20:48 - 2013-09-18 11:18 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\UsbPowerManager.dll
2015-01-06 20:47 - 2013-08-07 20:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-01-06 20:48 - 2013-09-18 11:27 - 02371584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\tufx.dll
2015-01-06 20:47 - 2013-06-04 18:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-01-06 20:47 - 2013-08-07 20:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-09-15 07:17 - 2014-09-15 07:17 - 00114304 _____ () C:\Program Files (x86)\SplitCam\splitcam_hd_driver_ProxyPlugin.ax
2015-01-06 20:53 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-01-06 18:25 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupreg: ACPW05DE => "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe" /pid ACPW05DE
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_8252431206705CA8C92C144971B8E8EF => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MouseDriver => TiltWheelMouse.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5DE6EB3A-5C2C-4582-B609-AE14F1A55912}] => (Allow) LPort=54925
FirewallRules: [{E463A16D-F718-4BE6-95E4-FFBE9D90765F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{18DDA827-8247-475C-8D8F-009A3DDFE349}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0D29C7BD-3577-4D59-863A-2E5E9756E856}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{827120C0-2E79-40B0-BF25-94CE74D0765E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5728EAF8-F301-4E8F-A263-15452B3C9B3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D84DC50B-7A1B-4715-9489-7260EED99F0A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92532BB9-E538-4720-88EB-B6E7137B6326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E9642276-E030-4597-BD0C-D30E43405555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{82A84747-C208-468D-BDE3-DE4C95223D86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{54580992-E792-4980-89BC-0216ACD7D68C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9E3E5FC7-535A-4682-91DB-CF6B6BA66D0E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{C47FBEC3-8D8B-4175-9982-C7F76A911D8B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CA437B6F-2D15-43E7-92DD-7640055A9B28}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{39F60726-A7C8-423D-B9F5-CB3B231FF027}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E23D2D97-C36D-4149-B9C7-F6D85365C904}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{16804EDA-A66C-405B-99DF-0C74D48FF489}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{CA9DF019-7736-4DE1-8C22-B4863C585E37}] => (Allow) D:\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [{969BB6AD-B731-4B19-A705-752A4A18AF77}] => (Allow) D:\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [{64FB8349-F006-4DD0-A1CF-D96B01227E6E}] => (Allow) D:\Steam\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe
FirewallRules: [{3C0102B5-09B3-4A62-BA79-437E3BD03F07}] => (Allow) D:\Steam\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe
FirewallRules: [{1606584A-B90B-4CE1-87C4-401E1B37050D}] => (Allow) D:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{38C199EE-2386-4045-A3AB-E5FC77024D77}] => (Allow) D:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{3930389D-1709-4D64-B9FC-9A3FB4722D20}] => (Allow) D:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{7AC3B7F4-02FA-47D6-A7CC-7420E5249118}] => (Allow) D:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{4661502A-38AB-4B1B-80B9-59251E45CB10}] => (Allow) D:\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{D67D3F41-07D6-4122-AB8F-26BBBA0348D7}] => (Allow) D:\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{D1B430B5-0C8A-475F-820E-E3DBFFCE721C}] => (Allow) D:\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{45E2F2B7-A0A4-4C03-959C-1D7EAE2D7D22}] => (Allow) D:\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{6AF11520-F085-4989-BB65-DAF15E2B25BE}] => (Allow) D:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{06D48E36-E412-4EB4-AA16-376B541ED8B0}] => (Allow) D:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1B4F5DFA-0460-4F11-A188-69F48FDFD63D}] => (Allow) D:\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{7BA4FDB7-2D32-4D19-8736-2A2C5EB3358C}] => (Allow) D:\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{035D9139-A8EB-4048-BCD0-D86C9A00D440}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{DB5C89EE-7685-4CF4-9484-0E9344E23D20}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{F9E1B088-9FF7-4CA5-A8D3-7283A46551CA}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{CF115ACB-663B-4089-BD65-9549658E3B2F}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{11C60D03-85CB-4B57-AB62-096C6B72038F}] => (Allow) D:\Steam\steamapps\common\Carnage Racing\CarnageRacing.exe
FirewallRules: [{F6412942-7600-4629-BFF3-CCF81C8B1C1B}] => (Allow) D:\Steam\steamapps\common\Carnage Racing\CarnageRacing.exe
FirewallRules: [{0ACB1ABA-9E77-4DC2-882D-ECEB630B9BC4}] => (Allow) D:\Steam\steamapps\common\Defcon\defcon.exe
FirewallRules: [{C0B4BC9C-C2FE-4966-A546-7E93BDE5F8BE}] => (Allow) D:\Steam\steamapps\common\Defcon\defcon.exe
FirewallRules: [{B123A1A5-32C4-49AE-828B-09586EF52395}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{D4DDAE3C-C1A6-4605-9A23-87A0379CF720}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{7EA792FF-3AAD-42F3-8A92-D2B96FF0BF90}] => (Allow) D:\Steam\steamapps\common\From Dust\From_Dust.exe
FirewallRules: [{DE9A504C-8746-4C66-935D-8B5C64F6CCD3}] => (Allow) D:\Steam\steamapps\common\From Dust\From_Dust.exe
FirewallRules: [{6F967B18-44A3-4105-8620-8AE7A7C9547A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{C03BF2B7-8D79-43A8-A8E6-551C3402AE56}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{4160B81D-9636-4335-A472-904212472656}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
FirewallRules: [{633D8D11-EF38-4B23-94D5-EF6DC6E16309}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
FirewallRules: [{13E8D768-2ED7-450E-9DA6-55770AA59677}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
FirewallRules: [{2F40AEF5-C784-4C7B-B3D5-7AB404109D11}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
FirewallRules: [{9EDF1D26-A082-409F-ACC4-0B3F1038925F}] => (Allow) D:\Steam\steamapps\common\Hacker Evolution Duality\Hacker Evolution Duality.exe
FirewallRules: [{09385B85-1128-4D15-A67E-58C20CC781A1}] => (Allow) D:\Steam\steamapps\common\Hacker Evolution Duality\Hacker Evolution Duality.exe
FirewallRules: [{145F6741-9A2C-481E-9D4F-F497F9B726FB}] => (Allow) D:\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{062339BC-B000-433F-98CB-632B291799D8}] => (Allow) D:\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{8658654A-1571-4A1A-BBA6-301E2353A071}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{9093848D-F1D5-45C6-998A-322A8D3CDC3A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{AB04C751-4D98-4172-922B-8987BCEBD610}] => (Allow) D:\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{583D4CF3-777C-4FA1-AC57-D44335901D53}] => (Allow) D:\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{4C06B129-88AB-4A81-9C79-8614F5E8433B}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{DB439122-8973-4959-8018-C3299ED42358}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{388405C4-24FB-4B72-BD23-9F625C320180}] => (Allow) D:\Steam\steamapps\common\Jamestown\Jamestown.exe
FirewallRules: [{422C5072-C368-4554-837F-44880A78CA6A}] => (Allow) D:\Steam\steamapps\common\Jamestown\Jamestown.exe
FirewallRules: [{A80275E1-7E4F-472A-9863-54F39F993535}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{B6FC15A5-6879-4BF3-A5CF-ECB5757ABCDE}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{9F2ADF69-4ADA-41DA-8988-C4AA9C80ED40}] => (Allow) D:\Steam\steamapps\common\Monkey2\Monkey2.exe
FirewallRules: [{D9AA0677-62CD-451D-BB8B-D32F2CB0480A}] => (Allow) D:\Steam\steamapps\common\Monkey2\Monkey2.exe
FirewallRules: [{1C83D5EE-95EB-4644-A31F-2F19291BD538}] => (Allow) D:\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{1ECD8D5F-F4CD-4D60-B815-8486F4F88190}] => (Allow) D:\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{6DA6D91A-9A48-4701-B9E5-AC67E408F0EA}] => (Allow) D:\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{77583893-69B6-4764-B526-45F75AFF1BF7}] => (Allow) D:\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{1B589C89-7D70-40E2-87E6-813DF07A432E}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{987FE9C4-3CA7-4115-9212-3BD061BB77D2}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{62531339-0114-494C-8B70-29D147B03FE7}] => (Allow) D:\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{E454CE02-58E3-4682-A22D-F6A53DA07798}] => (Allow) D:\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{CA3B47F0-C860-41D5-9302-817366D754F6}] => (Allow) D:\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{58D6FEE3-3108-4666-8719-EEFA4075B050}] => (Allow) D:\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{7F19CE73-E824-4193-8DA2-B8EFDBB6F49A}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{3865DF64-7E9C-4E9B-88F6-602FD6CF4269}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{4DC5AAED-E6AB-4E7F-83E2-4FC207954A94}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{1D337C0B-12FA-476E-98FE-A0791E918160}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{F8E6384F-DA4B-46CC-9D15-A0E9F76E342B}] => (Allow) D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{71FF48B9-5938-4247-BCBA-256AB243E217}] => (Allow) D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{D6AD5F1B-A390-48E0-8457-307FF58F4354}] => (Allow) D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{36FC5232-203A-4562-8EAD-87B229EF4CAC}] => (Allow) D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{2388F58E-90A3-4A48-B707-A236DFE2EFF8}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{6B2F7F39-BD24-4097-9CCA-6B0638FF70A9}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{198ABF80-C2B0-4DB4-B5F1-A388B7AD9005}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{55853A76-5A94-4A05-B8F0-EC19A0962554}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe
FirewallRules: [{A434F7C6-4CE8-4B71-AEE8-6FD95B6793C3}] => (Allow) D:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{15950D8A-B586-4D55-81A4-8BD794664C8A}] => (Allow) D:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{776A2B5A-27B3-48DA-BAF9-78F440717E34}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{136FD2FE-2D5D-4737-8908-D12EA4A7364E}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{01BEDF31-CB1B-4DEA-920C-BC35727A5968}] => (Allow) D:\Steam\steamapps\common\Shatter\Shatter.exe
FirewallRules: [{A9A19804-9223-416E-ADE9-1710E36A3F9F}] => (Allow) D:\Steam\steamapps\common\Shatter\Shatter.exe
FirewallRules: [{A5361F8A-A565-454B-8E4E-61D87CBAC1BD}] => (Allow) D:\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{2CF03505-FF96-47D0-AD00-5AA9189AF875}] => (Allow) D:\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{1976482E-5A13-45C0-83E8-49498D985CD8}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{57938199-DABF-4F24-8D32-C6CC92221E0B}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{8A667BF6-03AC-49E6-899D-8794D1190384}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{6CED203B-582B-44FC-A847-08873DA7DFCD}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{26365C04-B90D-4F6D-877A-A10E6CE96273}] => (Allow) D:\Steam\steamapps\common\Space Pirates and Zombies\SpazGame.exe
FirewallRules: [{FC462A89-FA40-4BE7-A54B-84FABCDB75C7}] => (Allow) D:\Steam\steamapps\common\Space Pirates and Zombies\SpazGame.exe
FirewallRules: [{63DF48F0-7755-4BE6-A2AF-C4C79FB30C9F}] => (Allow) D:\Steam\steamapps\common\Superfrog\Superfrog.exe
FirewallRules: [{7EF7AF67-5634-4CBB-B0C0-B1D6DF024AD1}] => (Allow) D:\Steam\steamapps\common\Superfrog\Superfrog.exe
FirewallRules: [{B9B2C040-9BBB-4966-84A1-34A3928AEF92}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{75B391A3-4FB5-41CD-B839-760029E77CD1}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{D04EEC4F-085E-425C-A6A5-819B0B86DFF7}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{560FA1A2-F440-4EBC-B0A4-EFB0D5EE2D60}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{68D4C2F9-6EA4-4AF2-B8E4-0336D2F75CFA}] => (Allow) D:\Steam\steamapps\common\Tesla Effect\TeslaEffect.exe
FirewallRules: [{03CCB984-6F75-4A2F-A0DE-1CD92AAF1143}] => (Allow) D:\Steam\steamapps\common\Tesla Effect\TeslaEffect.exe
FirewallRules: [{1D5B157E-4C2A-4E3C-B994-AEAC21A399D3}] => (Allow) D:\Steam\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{1A7956E3-7384-41AF-B133-C8225A0B2D69}] => (Allow) D:\Steam\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{A3C3CD27-FCA5-4E70-B90B-9818838F182F}] => (Allow) D:\Steam\steamapps\common\Tron 2.0\TronLauncher.exe
FirewallRules: [{2751EBFE-FC08-4705-A6D6-A34EB48AFEA9}] => (Allow) D:\Steam\steamapps\common\Tron 2.0\TronLauncher.exe
FirewallRules: [{96FC7842-5943-4E7F-ADED-8926D0D171FB}] => (Allow) D:\Steam\steamapps\common\Vessel\Vessel.exe
FirewallRules: [{050C142F-58AC-4BBB-A6A5-0EEF491F8D64}] => (Allow) D:\Steam\steamapps\common\Vessel\Vessel.exe
FirewallRules: [{E87A55C7-6F95-404A-8B98-DB3303AE395D}] => (Allow) D:\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{9DEA38F4-B328-468C-A016-DEE8D2AED9B7}] => (Allow) D:\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{630BFBA3-6349-4DB5-A770-A5E888ABA900}] => (Allow) D:\Steam\steamapps\common\Wings of Prey\launcher.exe
FirewallRules: [{BB83D4D3-47B2-423F-8BED-A2BEFB46AEF4}] => (Allow) D:\Steam\steamapps\common\Wings of Prey\launcher.exe
FirewallRules: [{830C1B30-8DCC-4D8C-B04E-DDDFEBFECA62}] => (Allow) D:\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{997F3B79-2E7C-4081-AC81-2C2B9CF3BBDA}] => (Allow) D:\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{E5BF02B2-B643-4DC1-B083-E431E0010ACC}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{33DCE8E8-E879-423B-8A18-2A2B4C027274}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{E8D1DBEB-8FEE-45E8-AB32-0214BC5B9BA4}] => (Allow) D:\Steam\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{2FB3A701-762E-410D-8318-8B6F4D7BF1A8}] => (Allow) D:\Steam\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [TCP Query User{2CD4EEEC-6BF5-4383-8B79-787A41DDEDF6}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{20512F62-7B56-49DD-99AC-6A64D1222BFA}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{D79B07F4-3BCE-4339-A291-0A991119911C}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{BF1CBDF1-6948-401C-946C-53D1E388798B}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{7DAE186E-702F-43A4-928E-F070A302865E}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{DA36085B-AA5B-4EBE-9D00-B0A69A7FFEF0}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{95AB1095-46EB-402C-A316-52FA7E36BA5F}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{761183F4-A811-48EF-B6EF-8F8E3A446955}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{CB552256-A066-4D28-818D-BD4B9E587193}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{55C52B8E-4810-4A88-88B5-F4CED649B6A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4309019E-E1BA-4461-9191-BD6F2ADD7798}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{60FB1935-12A1-4ADE-8128-294ECAB7F6E6}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{A9C3A65B-ACA5-4094-A4D6-EDBE5A7C39D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{53115D07-725E-43D6-A133-5BA5F689A6A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EA982433-2EE0-416B-89E1-B7D31787F683}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5A020AFA-CF62-42B7-A350-79099488E8A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6BF4839A-6BF3-4D82-8CC1-680F1C1E5650}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{C2A5D8EB-10DE-49CC-8E71-E68D880B7201}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{76C5C224-71AF-4045-801B-3976703031C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FFA2B150-7CD6-467D-8BA4-04A1AD6640DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{063D7720-935E-41AE-A83D-6FE96F2EFD5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0730B154-E556-4093-9F27-79F5E1F0736D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EA269721-467E-48D7-B908-6855A06B1D36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{424B6BA6-DC49-4B5E-8C59-B0FF230B498C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{16E471F1-63A3-4794-BCAC-B1FA43EB0349}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{E8A8C826-7613-48DD-A78B-CA7A5A5A8859}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{4EF32B40-B82A-4A69-A005-0F3BC83E300F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5E3B1F9B-9C92-41E5-A813-2511E5B3FA20}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{5AFC942C-DEDA-4E85-B25B-ED8AEBEBE1A1}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{71A36913-18A1-4BBC-92AD-BD13D5BAAA39}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{5F65A3A2-600B-45C2-BC5F-173ABD2E552E}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{9B7E1A1D-5289-4FF6-B8AA-A5AE008B3100}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{FFDEADE8-D90A-4238-BBA1-0BBD029B9E4A}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{DF9282C4-AE30-41E8-B0AD-2CEF6D6C6F0B}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{A1701104-EE30-4D0E-B7A9-8963BD27ACB4}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{AE94BAAA-EC41-42E3-97E0-C901ADDCC5F4}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{B22D969B-0F1B-4157-AC77-D5F8E731698C}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{E6879F8C-D6F2-44D1-A3B1-BDE7726F23CD}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{DC8889A6-CC31-4737-BD83-285AF9867E43}] => (Allow) D:\Steam\steamapps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{6B3C2E41-8E72-49C2-A60B-5CCC7A4480AB}] => (Allow) D:\Steam\steamapps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{8FA0BBDA-8D99-45AC-85D0-6A7D342C2975}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{77D9DF24-26AE-4987-9012-70D79F848E25}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C56AE735-BA77-4B28-BEEF-C58C3EC7746F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{90A7399F-60ED-43FA-8EE9-F1CB3C0CA2DA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{1F09E696-2160-4F41-AF5B-890BD7A3FB4D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{855A16B9-627F-4BB7-8570-4D9802901842}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CB9ADAB6-DF10-4D07-AA8F-97E22048864E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{7CE5DE79-EF60-4CE8-81BD-87B6675AF00F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{8404396D-6CEF-4D9C-BAA6-B8E51995265C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{9F851E8A-55F8-48AD-8DDB-4AEA13471974}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{318AFF9B-75F5-4BE4-AD24-438471494270}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D7A1B34D-B7D7-4536-9038-A60D328D0FBF}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{278ED6EC-CCD5-4833-B667-988F019C8386}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D055F1C7-2E00-4658-8C72-DAA42DC45186}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{17095B6F-45CD-422B-B81B-BA4DF366A74E}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{6E2CECCF-0A29-4C02-9DA0-903CF24B8668}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{BCB949B6-DBF6-433A-99C3-C35DDC33246E}] => (Allow) E:\Battlefield 2\BF2.exe
FirewallRules: [{9209A254-DEC8-4939-85A4-9832C7083049}] => (Allow) E:\Battlefield 2\BF2.exe
FirewallRules: [TCP Query User{F9C2B955-D2CA-4CC6-9CB1-04BEAABE85DC}E:\frags\srcds.exe] => (Allow) E:\frags\srcds.exe
FirewallRules: [UDP Query User{1B6285DC-E166-4EEC-8C98-A60CDA7195D3}E:\frags\srcds.exe] => (Allow) E:\frags\srcds.exe
FirewallRules: [{7401CDCD-9A39-4D7F-A43A-0A3996B200CE}] => (Block) E:\frags\srcds.exe
FirewallRules: [{E49F6730-8E28-49DC-89CD-E0A31798F84B}] => (Block) E:\frags\srcds.exe
FirewallRules: [{F537EA28-5D05-4D88-B079-335729A20190}] => (Allow) D:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe
FirewallRules: [{6E32BD8B-6E02-40F8-A693-BA1A9EDAEBDB}] => (Allow) D:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe
FirewallRules: [{76F83AF8-CC89-4DCB-88A0-283A6F670D72}] => (Allow) D:\Steam\steamapps\common\Solar 2\Solar2.exe
FirewallRules: [{DF8B7903-8F49-4E3C-8E49-EEC981B09E88}] => (Allow) D:\Steam\steamapps\common\Solar 2\Solar2.exe
FirewallRules: [{73C38388-4728-4C7C-BE56-5C62A52B71F5}] => (Allow) D:\Steam\steamapps\common\Tropico 3\tropico3.exe
FirewallRules: [{F6E47135-0634-46F8-8171-789414E4826A}] => (Allow) D:\Steam\steamapps\common\Tropico 3\tropico3.exe
FirewallRules: [{E11B3D34-CB73-4C1B-A30E-8B7D73E5210A}] => (Allow) D:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{9E8517D0-8886-47CA-BF1F-1C4D5D1309A3}] => (Allow) D:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{F3531A55-2AC7-40A5-B303-7E6ADC9FF985}] => (Allow) D:\Steam\steamapps\common\Rochard\Rochard.exe
FirewallRules: [{5961D8B0-10B1-4970-BA8E-F32D12016533}] => (Allow) D:\Steam\steamapps\common\Rochard\Rochard.exe
FirewallRules: [{E58DDB2F-C633-453C-A6EF-9142B6F11050}] => (Allow) D:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{1A3ED41E-4AFC-4853-A2B7-E34816E6CB31}] => (Allow) D:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{D2CA697A-453E-4D47-B903-953ACD94B8D7}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{4BDA4CA7-A07C-43F0-B75F-9AEE76DA7B3F}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{70FDECD6-CC4D-48F7-B2F8-CBDBE88F95DE}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{436A118B-F77B-44F0-B754-B30125CB1FB8}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [TCP Query User{D8CCD002-72BC-4DBC-9F4E-1D05B4A24D26}C:\users\ash\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ash\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{86D0C743-5A3D-4C09-816C-1C5848D4E5E1}C:\users\ash\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ash\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{371FA2BD-B3F6-4538-A0A5-A5854617EFBA}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{8D91996F-1D76-4D70-B2DD-4CB54429D889}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{BA7785A7-D575-49AE-AE25-43C9C6F24CEC}] => (Allow) D:\Steam\steamapps\common\narcissu2\narci2.exe
FirewallRules: [{DDF5D9A1-5DDF-46E4-9F06-390248DF76B1}] => (Allow) D:\Steam\steamapps\common\narcissu2\narci2.exe
FirewallRules: [{954F06E9-3752-4EE0-8D89-13883EC21CEF}] => (Allow) D:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{D5B051EB-FF52-403F-809F-76CE850FA741}] => (Allow) D:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{3DFEF7E8-841A-4700-AAD0-452ABEB16150}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F64612B8-D514-4991-82C6-6433FAC7C41A}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{43ABFA35-86CE-463D-8380-F741A7EE15F1}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe
FirewallRules: [{956516E0-C0BA-4F2D-ACB8-241676353036}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe
FirewallRules: [{2E501E5A-05D2-476B-94A4-620AEF7FE3FB}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{83DA8B1B-D330-4D21-BE28-4533A4D3A9DF}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{956458A0-4AA5-4AB7-8D0B-F17221120ADC}] => (Allow) D:\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{09BF9FAD-A59E-4C76-9E39-7BD7E6F5EF19}] => (Allow) D:\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{FF8755F8-3621-4340-B8A7-84C3F0D50A7B}] => (Allow) D:\Steam\steamapps\common\POSTAL1\Postal Plus.exe
FirewallRules: [{2F5DA145-55EE-4DE4-94B4-7D8624F5D1D8}] => (Allow) D:\Steam\steamapps\common\POSTAL1\Postal Plus.exe
FirewallRules: [{872BE437-8ABC-4B56-A64F-D5F3ADE073F9}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{4DE6F54E-1C16-433C-A64D-0EBB19719E61}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{F08F4A57-C946-43F9-95B6-20995FFDB467}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [{ACF043A5-1CA8-400C-ACC7-871ADD7579B8}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [{E95A1889-0D8D-4B2A-BD94-849649ADB707}] => (Allow) D:\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{3512E594-C272-40EF-80E9-94EA45419302}] => (Allow) D:\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{40D6C44E-2CA5-44F7-86CD-D5A6C8068DED}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{8385E264-3145-4997-B1A0-E768F06306A9}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{042B5DDE-6221-42DA-A898-835297796017}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{577494D1-F592-4841-A488-EA7EC9566153}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F979CF66-DA27-4CA1-BBA6-0B73A5F93BB6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{975D6476-4B5D-4D93-8B97-FC339F685A5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8759FB4C-9889-4259-B9AC-876D10F83F52}E:\tera\games\deu_deu\tera\tera-launcher.exe] => (Allow) E:\tera\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{C66A5963-259A-4DC6-AD81-493DE3AB7DC4}E:\tera\games\deu_deu\tera\tera-launcher.exe] => (Allow) E:\tera\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{94EC1524-DFB1-4AC4-9DD5-94CF24AD6CAE}] => (Block) E:\tera\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{14B57559-4C07-4853-BE36-639D666400EF}] => (Block) E:\tera\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{35DB9692-ABBA-4C84-99DC-9D87934E9934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B0D62E0-EFB6-4B80-B067-8C5496E53ABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FADC884E-8DCF-48BB-BA66-01E79A64EDE1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A84CEF0-8797-45EF-AB99-C7441A4A60BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB5C00C7-F948-4548-8837-E1718AB09980}] => (Allow) D:\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{BB66C0CA-5F0F-42AE-8C93-D82D7FA13E43}] => (Allow) D:\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{C834046F-31D2-44B7-8068-DC86C32CC35C}] => (Allow) D:\Steam\steamapps\common\strife\strife-ve.exe
FirewallRules: [{7B418971-2448-4FC4-B2ED-421E9B81100E}] => (Allow) D:\Steam\steamapps\common\strife\strife-ve.exe
FirewallRules: [{07DE01AA-D6C6-4A50-872F-0CEC17E079A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{299C6CB8-51AF-4933-A19B-8F909D1043C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{96B7A9A5-768F-4076-9CD4-D4706E30C7C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3DD2BED3-4B68-417E-A101-579DCDFCB483}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{21347F6F-4477-4F31-AAA1-0669336804C2}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{F96A7189-FE3A-4DB4-BC5A-6BFDDBDC0346}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{1DFAC8BE-6D06-4E39-B3FC-63471132883B}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{D174A505-5CF1-4BEF-8A22-4EE01AE8BFA8}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{00E8B022-8132-4ABD-90AE-3E91CE2589A8}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{F63D3F30-0AC5-451E-BC8D-34CE6DE4484C}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{9F868763-58B6-4E12-BBD4-BD5AD18BFE6F}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{69C498A3-3D48-4DA1-981D-C11A24469869}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{2C459425-8FD6-4830-91E7-A51BA97D134C}] => (Allow) e:\Tera\gfl_client.exe
FirewallRules: [{8A6BF52B-41E1-4E11-8E9B-987A77EE0139}] => (Allow) D:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{423902C5-EB36-4851-AAF2-024CCB466EA8}] => (Allow) D:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{E9B2BF5C-2399-44E2-BD6A-AB5C1F140201}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 01:57:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/22/2015 01:53:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/21/2015 04:26:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/21/2015 04:26:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/19/2015 07:23:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/19/2015 07:23:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7535

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7535

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/19/2015 04:45:21 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]


System errors:
=============
Error: (05/21/2015 02:11:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/21/2015 02:11:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/20/2015 02:15:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/20/2015 02:15:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/19/2015 00:13:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/19/2015 00:13:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/18/2015 00:26:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/18/2015 00:26:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/17/2015 01:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (05/17/2015 01:11:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office:
=========================
Error: (05/22/2015 01:57:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestF:\Downloads\esetsmartinstaller_deu.exe

Error: (05/22/2015 01:53:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestF:\Downloads\esetsmartinstaller_deu.exe

Error: (05/21/2015 04:26:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files\CCleaner\CCleaner.exe

Error: (05/21/2015 04:26:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/19/2015 07:23:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files\CCleaner\CCleaner.exe

Error: (05/19/2015 07:23:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7535

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7535

Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/19/2015 04:45:21 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 8098.19 MB
Available physical RAM: 5790.56 MB
Total Pagefile: 16194.59 MB
Available Pagefile: 13799.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:37.64 GB) NTFS
Drive d: (Volume) (Fixed) (Total:500 GB) (Free:86.31 GB) NTFS
Drive e: (Volume) (Fixed) (Total:215.75 GB) (Free:132.37 GB) NTFS
Drive f: (Volume) (Fixed) (Total:215.75 GB) (Free:75.58 GB) NTFS
Drive g: (Volume) (Fixed) (Total:232.88 GB) (Free:104.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: CD339713)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0CF63428)
Partition 1: (Not Active) - (Size=500 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 698A5CBD)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================
         
Malwarebytes
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.05.2015
Suchlauf-Zeit: 02:31:57
Logdatei: malwarebyteslog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.21.04
Rootkit Datenbank: v2015.05.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ash

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 359693
Verstrichene Zeit: 4 Min, 47 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
__________________


Alt 22.05.2015, 19:23   #3
TattooPanda
 
Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



TDSS
Code:
ATTFilter
02:56:50.0290 0x0e40  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
02:56:59.0670 0x0e40  ============================================================
02:56:59.0670 0x0e40  Current date / time: 2015/05/22 02:56:59.0670
02:56:59.0670 0x0e40  SystemInfo:
02:56:59.0670 0x0e40  
02:56:59.0670 0x0e40  OS Version: 6.1.7601 ServicePack: 1.0
02:56:59.0670 0x0e40  Product type: Workstation
02:56:59.0670 0x0e40  ComputerName: ASH-PC
02:56:59.0670 0x0e40  UserName: Ash
02:56:59.0670 0x0e40  Windows directory: C:\Windows
02:56:59.0670 0x0e40  System windows directory: C:\Windows
02:56:59.0670 0x0e40  Running under WOW64
02:56:59.0670 0x0e40  Processor architecture: Intel x64
02:56:59.0671 0x0e40  Number of processors: 4
02:56:59.0671 0x0e40  Page size: 0x1000
02:56:59.0671 0x0e40  Boot type: Normal boot
02:56:59.0671 0x0e40  ============================================================
02:57:00.0041 0x0e40  KLMD registered as C:\Windows\system32\drivers\40741303.sys
02:57:00.0115 0x0e40  System UUID: {DEEEEE00-86C4-78B0-F587-4E451E967D92}
02:57:00.0382 0x0e40  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:57:00.0398 0x0e40  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:57:00.0417 0x0e40  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:57:00.0433 0x0e40  ============================================================
02:57:00.0433 0x0e40  \Device\Harddisk0\DR0:
02:57:00.0433 0x0e40  MBR partitions:
02:57:00.0433 0x0e40  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:57:00.0433 0x0e40  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF62000
02:57:00.0434 0x0e40  \Device\Harddisk1\DR1:
02:57:00.0434 0x0e40  MBR partitions:
02:57:00.0434 0x0e40  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3E800000
02:57:00.0434 0x0e40  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3E800800, BlocksNum 0x1AF82800
02:57:00.0434 0x0e40  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x59783000, BlocksNum 0x1AF82800
02:57:00.0434 0x0e40  \Device\Harddisk2\DR2:
02:57:00.0442 0x0e40  MBR partitions:
02:57:00.0442 0x0e40  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
02:57:00.0442 0x0e40  ============================================================
02:57:00.0443 0x0e40  C: <-> \Device\Harddisk0\DR0\Partition2
02:57:00.0454 0x0e40  D: <-> \Device\Harddisk1\DR1\Partition1
02:57:00.0488 0x0e40  E: <-> \Device\Harddisk1\DR1\Partition2
02:57:00.0506 0x0e40  F: <-> \Device\Harddisk1\DR1\Partition3
02:57:00.0529 0x0e40  G: <-> \Device\Harddisk2\DR2\Partition1
02:57:00.0529 0x0e40  ============================================================
02:57:00.0529 0x0e40  Initialize success
02:57:00.0529 0x0e40  ============================================================
02:57:33.0941 0x1218  ============================================================
02:57:33.0941 0x1218  Scan started
02:57:33.0941 0x1218  Mode: Manual; SigCheck; TDLFS; 
02:57:33.0941 0x1218  ============================================================
02:57:33.0941 0x1218  KSN ping started
02:57:47.0640 0x1218  KSN ping finished: true
02:57:47.0874 0x1218  ================ Scan system memory ========================
02:57:47.0874 0x1218  System memory - ok
02:57:47.0874 0x1218  ================ Scan services =============================
02:57:47.0905 0x1218  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
02:57:47.0936 0x1218  1394ohci - ok
02:57:47.0952 0x1218  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
02:57:47.0952 0x1218  ACPI - ok
02:57:47.0968 0x1218  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
02:57:47.0968 0x1218  AcpiPmi - ok
02:57:47.0983 0x1218  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
02:57:47.0999 0x1218  adp94xx - ok
02:57:48.0014 0x1218  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
02:57:48.0014 0x1218  adpahci - ok
02:57:48.0030 0x1218  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
02:57:48.0030 0x1218  adpu320 - ok
02:57:48.0046 0x1218  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
02:57:48.0046 0x1218  AeLookupSvc - ok
02:57:48.0061 0x1218  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
02:57:48.0077 0x1218  AFD - ok
02:57:48.0077 0x1218  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
02:57:48.0092 0x1218  agp440 - ok
02:57:48.0092 0x1218  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
02:57:48.0092 0x1218  ALG - ok
02:57:48.0092 0x1218  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
02:57:48.0108 0x1218  aliide - ok
02:57:48.0108 0x1218  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
02:57:48.0108 0x1218  amdide - ok
02:57:48.0124 0x1218  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
02:57:48.0124 0x1218  AmdK8 - ok
02:57:48.0124 0x1218  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
02:57:48.0139 0x1218  AmdPPM - ok
02:57:48.0139 0x1218  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
02:57:48.0155 0x1218  amdsata - ok
02:57:48.0155 0x1218  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
02:57:48.0170 0x1218  amdsbs - ok
02:57:48.0170 0x1218  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
02:57:48.0170 0x1218  amdxata - ok
02:57:48.0170 0x1218  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
02:57:48.0186 0x1218  AppID - ok
02:57:48.0186 0x1218  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
02:57:48.0202 0x1218  AppIDSvc - ok
02:57:48.0202 0x1218  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
02:57:48.0202 0x1218  Appinfo - ok
02:57:48.0217 0x1218  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
02:57:48.0217 0x1218  arc - ok
02:57:48.0233 0x1218  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
02:57:48.0233 0x1218  arcsas - ok
02:57:48.0248 0x1218  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
02:57:48.0280 0x1218  asComSvc - ok
02:57:48.0295 0x1218  [ 5F1091FA113607C9C9B2ECF4FBC76F37, F4406635C555A942242F40CACEC7EFD2FED47103C191CB3C2EDF21EE78C8122E ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
02:57:48.0326 0x1218  asHmComSvc - ok
02:57:48.0342 0x1218  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
02:57:48.0342 0x1218  AsIO - ok
02:57:48.0358 0x1218  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:57:48.0358 0x1218  aspnet_state - ok
02:57:48.0373 0x1218  [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
02:57:48.0373 0x1218  AsSysCtrlService - ok
02:57:48.0404 0x1218  [ F0AE6B03CF6F46D57993EFFB209DD758, E311E380B0A618DE7F1D0D0C184C5C8BCC9B92A235E0C5CCC4BE532E34B1027D ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe
02:57:48.0451 0x1218  AsusFanControlService - ok
02:57:48.0451 0x1218  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
02:57:48.0467 0x1218  aswHwid - ok
02:57:48.0467 0x1218  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
02:57:48.0467 0x1218  aswMonFlt - ok
02:57:48.0482 0x1218  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
02:57:48.0482 0x1218  aswRdr - ok
02:57:48.0482 0x1218  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
02:57:48.0498 0x1218  aswRvrt - ok
02:57:48.0514 0x1218  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
02:57:48.0529 0x1218  aswSnx - ok
02:57:48.0545 0x1218  [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
02:57:48.0545 0x1218  aswSP - ok
02:57:48.0545 0x1218  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\Windows\system32\drivers\aswStm.sys
02:57:48.0560 0x1218  aswStm - ok
02:57:48.0560 0x1218  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
02:57:48.0576 0x1218  aswVmm - ok
02:57:48.0576 0x1218  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
02:57:48.0592 0x1218  AsyncMac - ok
02:57:48.0607 0x1218  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
02:57:48.0607 0x1218  atapi - ok
02:57:48.0623 0x1218  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:57:48.0638 0x1218  AudioEndpointBuilder - ok
02:57:48.0654 0x1218  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
02:57:48.0670 0x1218  AudioSrv - ok
02:57:48.0670 0x1218  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
02:57:48.0685 0x1218  avast! Antivirus - ok
02:57:48.0701 0x1218  [ 53A2D65393D9F2F9DF8650385F2B9503, DD16F2076F8D1B75441E1B22A4D1E241818DD01C4B0CD7CDCD986A16CA21FC9F ] AVerAF35        C:\Windows\system32\Drivers\AVerAF35.sys
02:57:48.0716 0x1218  AVerAF35 - ok
02:57:48.0732 0x1218  [ 0BA47B92AAC60C9B527AFB7EB6BA9975, A82F1E41469D5171891629CB5BD0DAD403CC90BDAF564359B013F374E44ABD6C ] AVerRemote      C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
02:57:48.0732 0x1218  AVerRemote - detected UnsignedFile.Multi.Generic ( 1 )
02:57:51.0930 0x1218  AVerRemote ( UnsignedFile.Multi.Generic ) - warning
02:57:54.0691 0x1218  [ 3094F37D17C9F91632689FFE9381FC4B, F60905DEA3168D88CA55F39ABAB46D0EA54CAD924784CB1029AE1BAD0656EAA8 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
02:57:54.0707 0x1218  AVerScheduleService - detected UnsignedFile.Multi.Generic ( 1 )
02:57:57.0390 0x1218  Detect skipped due to KSN trusted
02:57:57.0390 0x1218  AVerScheduleService - ok
02:57:57.0406 0x1218  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
02:57:57.0421 0x1218  AxInstSV - ok
02:57:57.0437 0x1218  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
02:57:57.0452 0x1218  b06bdrv - ok
02:57:57.0468 0x1218  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
02:57:57.0484 0x1218  b57nd60a - ok
02:57:57.0484 0x1218  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
02:57:57.0484 0x1218  BDESVC - ok
02:57:57.0499 0x1218  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
02:57:57.0515 0x1218  Beep - ok
02:57:57.0530 0x1218  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
02:57:57.0546 0x1218  BFE - ok
02:57:57.0562 0x1218  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
02:57:57.0593 0x1218  BITS - ok
02:57:57.0608 0x1218  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
02:57:57.0608 0x1218  blbdrive - ok
02:57:57.0624 0x1218  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
02:57:57.0624 0x1218  Bonjour Service - ok
02:57:57.0640 0x1218  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
02:57:57.0640 0x1218  bowser - ok
02:57:57.0640 0x1218  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:57:57.0655 0x1218  BrFiltLo - ok
02:57:57.0655 0x1218  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:57:57.0671 0x1218  BrFiltUp - ok
02:57:57.0671 0x1218  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
02:57:57.0686 0x1218  Browser - ok
02:57:57.0686 0x1218  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
02:57:57.0702 0x1218  Brserid - ok
02:57:57.0702 0x1218  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
02:57:57.0718 0x1218  BrSerWdm - ok
02:57:57.0718 0x1218  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
02:57:57.0718 0x1218  BrUsbMdm - ok
02:57:57.0718 0x1218  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
02:57:57.0733 0x1218  BrUsbSer - ok
02:57:57.0733 0x1218  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
02:57:57.0749 0x1218  BTHMODEM - ok
02:57:57.0749 0x1218  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
02:57:57.0764 0x1218  bthserv - ok
02:57:57.0780 0x1218  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
02:57:57.0796 0x1218  cdfs - ok
02:57:57.0796 0x1218  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
02:57:57.0811 0x1218  cdrom - ok
02:57:57.0811 0x1218  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
02:57:57.0827 0x1218  CertPropSvc - ok
02:57:57.0842 0x1218  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
02:57:57.0842 0x1218  circlass - ok
02:57:57.0858 0x1218  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
02:57:57.0858 0x1218  CLFS - ok
02:57:57.0874 0x1218  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:57:57.0874 0x1218  clr_optimization_v2.0.50727_32 - ok
02:57:57.0889 0x1218  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:57:57.0889 0x1218  clr_optimization_v2.0.50727_64 - ok
02:57:57.0905 0x1218  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:57:57.0905 0x1218  clr_optimization_v4.0.30319_32 - ok
02:57:57.0920 0x1218  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:57:57.0920 0x1218  clr_optimization_v4.0.30319_64 - ok
02:57:57.0920 0x1218  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
02:57:57.0936 0x1218  CmBatt - ok
02:57:57.0936 0x1218  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
02:57:57.0952 0x1218  cmdide - ok
02:57:57.0952 0x1218  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
02:57:57.0967 0x1218  CNG - ok
02:57:57.0967 0x1218  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
02:57:57.0983 0x1218  Compbatt - ok
02:57:57.0983 0x1218  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
02:57:57.0998 0x1218  CompositeBus - ok
02:57:57.0998 0x1218  COMSysApp - ok
02:57:57.0998 0x1218  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
02:57:57.0998 0x1218  crcdisk - ok
02:57:58.0014 0x1218  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
02:57:58.0014 0x1218  CryptSvc - ok
02:57:58.0030 0x1218  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
02:57:58.0061 0x1218  DcomLaunch - ok
02:57:58.0061 0x1218  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
02:57:58.0092 0x1218  defragsvc - ok
02:57:58.0092 0x1218  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
02:57:58.0123 0x1218  DfsC - ok
02:57:58.0123 0x1218  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
02:57:58.0123 0x1218  dg_ssudbus - ok
02:57:58.0139 0x1218  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
02:57:58.0154 0x1218  Dhcp - ok
02:57:58.0170 0x1218  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
02:57:58.0201 0x1218  DiagTrack - ok
02:57:58.0201 0x1218  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
02:57:58.0217 0x1218  discache - ok
02:57:58.0232 0x1218  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
02:57:58.0232 0x1218  Disk - ok
02:57:58.0232 0x1218  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
02:57:58.0248 0x1218  Dnscache - ok
02:57:58.0264 0x1218  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
02:57:58.0279 0x1218  dot3svc - ok
02:57:58.0279 0x1218  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
02:57:58.0310 0x1218  DPS - ok
02:57:58.0310 0x1218  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
02:57:58.0310 0x1218  drmkaud - ok
02:57:58.0326 0x1218  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
02:57:58.0326 0x1218  dtsoftbus01 - ok
02:57:58.0357 0x1218  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
02:57:58.0373 0x1218  DXGKrnl - ok
02:57:58.0388 0x1218  [ 73F8DE25B04A66CE3BE5D09A10DE56E6, ABA5AA50D936897CC71D710BBCF9A1B1CCCAC290FCD10A710E4471C1CDDE1093 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
02:57:58.0388 0x1218  e1dexpress - ok
02:57:58.0404 0x1218  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
02:57:58.0420 0x1218  EapHost - ok
02:57:58.0482 0x1218  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
02:57:58.0560 0x1218  ebdrv - ok
02:57:58.0560 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
02:57:58.0576 0x1218  EFS - ok
02:57:58.0591 0x1218  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
02:57:58.0607 0x1218  ehRecvr - ok
02:57:58.0607 0x1218  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
02:57:58.0622 0x1218  ehSched - ok
02:57:58.0638 0x1218  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
02:57:58.0654 0x1218  elxstor - ok
02:57:58.0654 0x1218  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
02:57:58.0654 0x1218  ErrDev - ok
02:57:58.0669 0x1218  [ 5C3BF188F182C26974646A13B0CA4715, 5115BDA0CEEF830DDF14AC9B95E328218EFEA35AED337DD936A2D8F275ADBFAF ] Eve             C:\Windows\system32\DRIVERS\eve.sys
02:57:58.0669 0x1218  Eve - ok
02:57:58.0685 0x1218  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
02:57:58.0700 0x1218  EventSystem - ok
02:57:58.0716 0x1218  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
02:57:58.0732 0x1218  exfat - ok
02:57:58.0747 0x1218  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
02:57:58.0763 0x1218  fastfat - ok
02:57:58.0778 0x1218  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
02:57:58.0794 0x1218  Fax - ok
02:57:58.0810 0x1218  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
02:57:58.0810 0x1218  fdc - ok
02:57:58.0810 0x1218  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
02:57:58.0841 0x1218  fdPHost - ok
02:57:58.0841 0x1218  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
02:57:58.0856 0x1218  FDResPub - ok
02:57:58.0856 0x1218  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
02:57:58.0872 0x1218  FileInfo - ok
02:57:58.0872 0x1218  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
02:57:58.0888 0x1218  Filetrace - ok
02:57:58.0888 0x1218  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
02:57:58.0903 0x1218  flpydisk - ok
02:57:58.0903 0x1218  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
02:57:58.0919 0x1218  FltMgr - ok
02:57:58.0934 0x1218  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
02:57:58.0966 0x1218  FontCache - ok
02:57:58.0966 0x1218  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:57:58.0981 0x1218  FontCache3.0.0.0 - ok
02:57:58.0981 0x1218  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
02:57:58.0981 0x1218  FsDepends - ok
02:57:58.0981 0x1218  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
02:57:58.0997 0x1218  Fs_Rec - ok
02:57:58.0997 0x1218  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
02:57:59.0012 0x1218  fvevol - ok
02:57:59.0012 0x1218  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
02:57:59.0028 0x1218  gagp30kx - ok
02:57:59.0044 0x1218  [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
02:57:59.0059 0x1218  GfExperienceService - ok
02:57:59.0075 0x1218  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
02:57:59.0106 0x1218  gpsvc - ok
02:57:59.0122 0x1218  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:59.0122 0x1218  gupdate - ok
02:57:59.0122 0x1218  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:59.0137 0x1218  gupdatem - ok
02:57:59.0137 0x1218  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
02:57:59.0137 0x1218  hamachi - ok
02:57:59.0184 0x1218  [ B2D769C3899865902706A924CED699C7, 0E80C639BB6EA4E4CCA537494E8F96CB921DEB91429FFD0E93BBE966EF792916 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
02:57:59.0231 0x1218  Hamachi2Svc - ok
02:57:59.0231 0x1218  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
02:57:59.0246 0x1218  hcw85cir - ok
02:57:59.0246 0x1218  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:57:59.0262 0x1218  HdAudAddService - ok
02:57:59.0278 0x1218  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
02:57:59.0293 0x1218  HDAudBus - ok
02:57:59.0293 0x1218  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
02:57:59.0309 0x1218  HidBatt - ok
02:57:59.0309 0x1218  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
02:57:59.0324 0x1218  HidBth - ok
02:57:59.0324 0x1218  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
02:57:59.0340 0x1218  HidIr - ok
02:57:59.0340 0x1218  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
02:57:59.0371 0x1218  hidserv - ok
02:57:59.0371 0x1218  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
02:57:59.0387 0x1218  HidUsb - ok
02:57:59.0387 0x1218  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
02:57:59.0402 0x1218  hkmsvc - ok
02:57:59.0418 0x1218  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:57:59.0434 0x1218  HomeGroupListener - ok
02:57:59.0434 0x1218  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:57:59.0449 0x1218  HomeGroupProvider - ok
02:57:59.0449 0x1218  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
02:57:59.0465 0x1218  HpSAMD - ok
02:57:59.0480 0x1218  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
02:57:59.0496 0x1218  HTTP - ok
02:57:59.0496 0x1218  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
02:57:59.0512 0x1218  hwpolicy - ok
02:57:59.0512 0x1218  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
02:57:59.0527 0x1218  i8042prt - ok
02:57:59.0543 0x1218  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
02:57:59.0558 0x1218  iaStorA - ok
02:57:59.0558 0x1218  [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
02:57:59.0558 0x1218  iaStorF - ok
02:57:59.0574 0x1218  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
02:57:59.0590 0x1218  iaStorV - ok
02:57:59.0590 0x1218  [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
02:57:59.0605 0x1218  ICCS - ok
02:57:59.0605 0x1218  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
02:57:59.0621 0x1218  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
02:58:02.0413 0x1218  Detect skipped due to KSN trusted
02:58:02.0413 0x1218  IDriverT - ok
02:58:02.0460 0x1218  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:58:02.0491 0x1218  idsvc - ok
02:58:02.0491 0x1218  IEEtwCollectorService - ok
02:58:02.0491 0x1218  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
02:58:02.0507 0x1218  iirsp - ok
02:58:02.0522 0x1218  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
02:58:02.0538 0x1218  IKEEXT - ok
02:58:02.0600 0x1218  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
02:58:02.0663 0x1218  IntcAzAudAddService - ok
02:58:02.0678 0x1218  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
02:58:02.0694 0x1218  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
02:58:05.0486 0x1218  Detect skipped due to KSN trusted
02:58:05.0486 0x1218  Intel(R) Capability Licensing Service Interface - ok
02:58:05.0518 0x1218  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
02:58:05.0549 0x1218  Intel(R) Capability Licensing Service TCP IP Interface - ok
02:58:05.0549 0x1218  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
02:58:05.0564 0x1218  intelide - ok
02:58:05.0564 0x1218  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
02:58:05.0564 0x1218  intelppm - ok
02:58:05.0580 0x1218  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
02:58:05.0596 0x1218  IPBusEnum - ok
02:58:05.0596 0x1218  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:58:05.0611 0x1218  IpFilterDriver - ok
02:58:05.0627 0x1218  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
02:58:05.0642 0x1218  iphlpsvc - ok
02:58:05.0658 0x1218  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
02:58:05.0658 0x1218  IPMIDRV - ok
02:58:05.0674 0x1218  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
02:58:05.0689 0x1218  IPNAT - ok
02:58:05.0689 0x1218  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
02:58:05.0705 0x1218  IRENUM - ok
02:58:05.0705 0x1218  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
02:58:05.0705 0x1218  isapnp - ok
02:58:05.0720 0x1218  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
02:58:05.0736 0x1218  iScsiPrt - ok
02:58:05.0736 0x1218  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
02:58:05.0736 0x1218  iusb3hcs - ok
02:58:05.0752 0x1218  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
02:58:05.0752 0x1218  iusb3hub - ok
02:58:05.0767 0x1218  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
02:58:05.0783 0x1218  iusb3xhc - ok
02:58:05.0798 0x1218  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
02:58:05.0798 0x1218  jhi_service - ok
02:58:05.0798 0x1218  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
02:58:05.0814 0x1218  kbdclass - ok
02:58:05.0814 0x1218  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
02:58:05.0814 0x1218  kbdhid - ok
02:58:05.0830 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
02:58:05.0830 0x1218  KeyIso - ok
02:58:05.0830 0x1218  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
02:58:05.0845 0x1218  KSecDD - ok
02:58:05.0845 0x1218  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
02:58:05.0861 0x1218  KSecPkg - ok
02:58:05.0861 0x1218  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
02:58:05.0876 0x1218  ksthunk - ok
02:58:05.0876 0x1218  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
02:58:05.0908 0x1218  KtmRm - ok
02:58:05.0923 0x1218  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
02:58:05.0939 0x1218  LanmanServer - ok
02:58:05.0939 0x1218  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:58:05.0970 0x1218  LanmanWorkstation - ok
02:58:05.0970 0x1218  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
02:58:05.0970 0x1218  LGBusEnum - ok
02:58:05.0970 0x1218  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
02:58:05.0986 0x1218  LGSHidFilt - ok
02:58:05.0986 0x1218  [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt      C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
02:58:05.0986 0x1218  LGSUsbFilt - ok
02:58:06.0001 0x1218  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
02:58:06.0001 0x1218  LGVirHid - ok
02:58:06.0001 0x1218  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
02:58:06.0017 0x1218  lltdio - ok
02:58:06.0032 0x1218  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
02:58:06.0064 0x1218  lltdsvc - ok
02:58:06.0064 0x1218  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
02:58:06.0079 0x1218  lmhosts - ok
02:58:06.0095 0x1218  [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
02:58:06.0095 0x1218  LMIGuardianSvc - ok
02:58:06.0110 0x1218  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
02:58:06.0126 0x1218  LMS - ok
02:58:06.0126 0x1218  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
02:58:06.0142 0x1218  LSI_FC - ok
02:58:06.0142 0x1218  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
02:58:06.0142 0x1218  LSI_SAS - ok
02:58:06.0157 0x1218  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:58:06.0157 0x1218  LSI_SAS2 - ok
02:58:06.0157 0x1218  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:58:06.0173 0x1218  LSI_SCSI - ok
02:58:06.0173 0x1218  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
02:58:06.0204 0x1218  luafv - ok
02:58:06.0204 0x1218  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
02:58:06.0204 0x1218  MBAMProtector - ok
02:58:06.0220 0x1218  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
02:58:06.0235 0x1218  MBAMService - ok
02:58:06.0251 0x1218  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
02:58:06.0251 0x1218  MBAMWebAccessControl - ok
02:58:06.0251 0x1218  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
02:58:06.0266 0x1218  Mcx2Svc - ok
02:58:06.0266 0x1218  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
02:58:06.0266 0x1218  megasas - ok
02:58:06.0282 0x1218  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
02:58:06.0298 0x1218  MegaSR - ok
02:58:06.0298 0x1218  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
02:58:06.0298 0x1218  MEIx64 - ok
02:58:06.0313 0x1218  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
02:58:06.0329 0x1218  MMCSS - ok
02:58:06.0329 0x1218  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
02:58:06.0344 0x1218  Modem - ok
02:58:06.0360 0x1218  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
02:58:06.0360 0x1218  monitor - ok
02:58:06.0360 0x1218  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
02:58:06.0376 0x1218  mouclass - ok
02:58:06.0376 0x1218  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
02:58:06.0376 0x1218  mouhid - ok
02:58:06.0391 0x1218  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
02:58:06.0391 0x1218  mountmgr - ok
02:58:06.0391 0x1218  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:58:06.0407 0x1218  MozillaMaintenance - ok
02:58:06.0407 0x1218  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
02:58:06.0422 0x1218  mpio - ok
02:58:06.0422 0x1218  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
02:58:06.0438 0x1218  mpsdrv - ok
02:58:06.0469 0x1218  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
02:58:06.0500 0x1218  MpsSvc - ok
02:58:06.0500 0x1218  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
02:58:06.0516 0x1218  MRxDAV - ok
02:58:06.0516 0x1218  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
02:58:06.0532 0x1218  mrxsmb - ok
02:58:06.0532 0x1218  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:58:06.0547 0x1218  mrxsmb10 - ok
02:58:06.0563 0x1218  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:58:06.0563 0x1218  mrxsmb20 - ok
02:58:06.0563 0x1218  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
02:58:06.0578 0x1218  msahci - ok
02:58:06.0578 0x1218  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
02:58:06.0578 0x1218  MSCamSvc - ok
02:58:06.0594 0x1218  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
02:58:06.0594 0x1218  msdsm - ok
02:58:06.0594 0x1218  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
02:58:06.0610 0x1218  MSDTC - ok
02:58:06.0610 0x1218  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
02:58:06.0641 0x1218  Msfs - ok
02:58:06.0641 0x1218  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
02:58:06.0656 0x1218  mshidkmdf - ok
02:58:06.0656 0x1218  [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
02:58:06.0672 0x1218  MSHUSBVideo - ok
02:58:06.0672 0x1218  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
02:58:06.0672 0x1218  msisadrv - ok
02:58:06.0672 0x1218  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
02:58:06.0703 0x1218  MSiSCSI - ok
02:58:06.0703 0x1218  msiserver - ok
02:58:06.0703 0x1218  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
02:58:06.0719 0x1218  MSKSSRV - ok
02:58:06.0734 0x1218  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
02:58:06.0750 0x1218  MSPCLOCK - ok
02:58:06.0750 0x1218  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
02:58:06.0766 0x1218  MSPQM - ok
02:58:06.0781 0x1218  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
02:58:06.0781 0x1218  MsRPC - ok
02:58:06.0797 0x1218  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
02:58:06.0797 0x1218  mssmbios - ok
02:58:06.0797 0x1218  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
02:58:06.0812 0x1218  MSTEE - ok
02:58:06.0828 0x1218  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
02:58:06.0828 0x1218  MTConfig - ok
02:58:06.0828 0x1218  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
02:58:06.0844 0x1218  Mup - ok
02:58:06.0844 0x1218  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
02:58:06.0875 0x1218  napagent - ok
02:58:06.0890 0x1218  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
02:58:06.0906 0x1218  NativeWifiP - ok
02:58:06.0922 0x1218  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
02:58:06.0937 0x1218  NDIS - ok
02:58:06.0953 0x1218  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
02:58:06.0968 0x1218  NdisCap - ok
02:58:06.0968 0x1218  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
02:58:06.0984 0x1218  NdisTapi - ok
02:58:06.0984 0x1218  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
02:58:07.0015 0x1218  Ndisuio - ok
02:58:07.0015 0x1218  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
02:58:07.0031 0x1218  NdisWan - ok
02:58:07.0046 0x1218  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
02:58:07.0062 0x1218  NDProxy - ok
02:58:07.0062 0x1218  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
02:58:07.0078 0x1218  NetBIOS - ok
02:58:07.0093 0x1218  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
02:58:07.0109 0x1218  NetBT - ok
02:58:07.0109 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
02:58:07.0124 0x1218  Netlogon - ok
02:58:07.0124 0x1218  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
02:58:07.0156 0x1218  Netman - ok
02:58:07.0156 0x1218  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:58:07.0171 0x1218  NetMsmqActivator - ok
02:58:07.0171 0x1218  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:58:07.0187 0x1218  NetPipeActivator - ok
02:58:07.0202 0x1218  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
02:58:07.0218 0x1218  netprofm - ok
02:58:07.0234 0x1218  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:58:07.0234 0x1218  NetTcpActivator - ok
02:58:07.0234 0x1218  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:58:07.0249 0x1218  NetTcpPortSharing - ok
02:58:07.0249 0x1218  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
02:58:07.0265 0x1218  nfrd960 - ok
02:58:07.0265 0x1218  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
02:58:07.0280 0x1218  NlaSvc - ok
02:58:07.0280 0x1218  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf             C:\Windows\system32\drivers\npf.sys
02:58:07.0280 0x1218  npf - ok
02:58:07.0280 0x1218  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
02:58:07.0312 0x1218  Npfs - ok
02:58:07.0312 0x1218  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
02:58:07.0327 0x1218  nsi - ok
02:58:07.0327 0x1218  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
02:58:07.0358 0x1218  nsiproxy - ok
02:58:07.0390 0x1218  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
02:58:07.0421 0x1218  Ntfs - ok
02:58:07.0436 0x1218  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
02:58:07.0452 0x1218  Null - ok
02:58:07.0452 0x1218  NVHDA - ok
02:58:07.0592 0x1218  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:58:07.0733 0x1218  nvlddmkm - ok
02:58:07.0780 0x1218  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
02:58:07.0811 0x1218  NvNetworkService - ok
02:58:07.0811 0x1218  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
02:58:07.0826 0x1218  nvraid - ok
02:58:07.0826 0x1218  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
02:58:07.0842 0x1218  nvstor - ok
02:58:07.0842 0x1218  [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
02:58:07.0842 0x1218  NvStreamKms - ok
02:58:07.0842 0x1218  NvStreamSvc - ok
02:58:07.0858 0x1218  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
02:58:07.0889 0x1218  nvsvc - ok
02:58:07.0889 0x1218  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
02:58:07.0889 0x1218  nvvad_WaveExtensible - ok
02:58:07.0904 0x1218  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
02:58:07.0904 0x1218  nv_agp - ok
02:58:07.0904 0x1218  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
02:58:07.0920 0x1218  ohci1394 - ok
02:58:08.0014 0x1218  [ 4E2D0656946F2A19FED1C60E0E4FC1AF, 5551D5BD89EB650C5485BBB58DAA5473044B7C967B72687A27430FA9A1E812FE ] Origin Client Service E:\Origin\OriginClientService.exe
02:58:08.0076 0x1218  Origin Client Service - ok
02:58:08.0092 0x1218  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
02:58:08.0107 0x1218  p2pimsvc - ok
02:58:08.0123 0x1218  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
02:58:08.0138 0x1218  p2psvc - ok
02:58:08.0138 0x1218  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
02:58:08.0154 0x1218  Parport - ok
02:58:08.0154 0x1218  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
02:58:08.0170 0x1218  partmgr - ok
02:58:08.0170 0x1218  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
02:58:08.0185 0x1218  PcaSvc - ok
02:58:08.0185 0x1218  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
02:58:08.0201 0x1218  pci - ok
02:58:08.0201 0x1218  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
02:58:08.0201 0x1218  pciide - ok
02:58:08.0216 0x1218  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
02:58:08.0216 0x1218  pcmcia - ok
02:58:08.0232 0x1218  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
02:58:08.0232 0x1218  pcw - ok
02:58:08.0248 0x1218  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
02:58:08.0263 0x1218  PEAUTH - ok
02:58:08.0279 0x1218  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
02:58:08.0294 0x1218  PerfHost - ok
02:58:08.0326 0x1218  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
02:58:08.0372 0x1218  pla - ok
02:58:08.0388 0x1218  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
02:58:08.0404 0x1218  PlugPlay - ok
02:58:08.0404 0x1218  PnkBstrA - ok
02:58:08.0404 0x1218  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
02:58:08.0419 0x1218  PNRPAutoReg - ok
02:58:08.0419 0x1218  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
02:58:08.0435 0x1218  PNRPsvc - ok
02:58:08.0450 0x1218  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
02:58:08.0466 0x1218  PolicyAgent - ok
02:58:08.0482 0x1218  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
02:58:08.0497 0x1218  Power - ok
02:58:08.0513 0x1218  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
02:58:08.0528 0x1218  PptpMiniport - ok
02:58:08.0528 0x1218  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
02:58:08.0544 0x1218  Processor - ok
02:58:08.0544 0x1218  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
02:58:08.0560 0x1218  ProfSvc - ok
02:58:08.0560 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:58:08.0560 0x1218  ProtectedStorage - ok
02:58:08.0575 0x1218  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
02:58:08.0591 0x1218  Psched - ok
02:58:08.0622 0x1218  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
02:58:08.0653 0x1218  ql2300 - ok
02:58:08.0669 0x1218  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
02:58:08.0669 0x1218  ql40xx - ok
02:58:08.0684 0x1218  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
02:58:08.0700 0x1218  QWAVE - ok
02:58:08.0700 0x1218  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
02:58:08.0716 0x1218  QWAVEdrv - ok
02:58:08.0716 0x1218  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
02:58:08.0731 0x1218  RasAcd - ok
02:58:08.0731 0x1218  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
02:58:08.0762 0x1218  RasAgileVpn - ok
02:58:08.0762 0x1218  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
02:58:08.0778 0x1218  RasAuto - ok
02:58:08.0778 0x1218  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
02:58:08.0809 0x1218  Rasl2tp - ok
02:58:08.0809 0x1218  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
02:58:08.0840 0x1218  RasMan - ok
02:58:08.0840 0x1218  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
02:58:08.0872 0x1218  RasPppoe - ok
02:58:08.0872 0x1218  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
02:58:08.0887 0x1218  RasSstp - ok
02:58:08.0903 0x1218  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
02:58:08.0918 0x1218  rdbss - ok
02:58:08.0918 0x1218  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
02:58:08.0934 0x1218  rdpbus - ok
02:58:08.0934 0x1218  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
02:58:08.0950 0x1218  RDPCDD - ok
02:58:08.0965 0x1218  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
02:58:08.0981 0x1218  RDPENCDD - ok
02:58:08.0981 0x1218  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
02:58:08.0996 0x1218  RDPREFMP - ok
02:58:09.0012 0x1218  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
02:58:09.0012 0x1218  RDPWD - ok
02:58:09.0028 0x1218  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
02:58:09.0028 0x1218  rdyboost - ok
02:58:09.0043 0x1218  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
02:58:09.0059 0x1218  RemoteAccess - ok
02:58:09.0059 0x1218  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
02:58:09.0090 0x1218  RemoteRegistry - ok
02:58:09.0090 0x1218  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
02:58:09.0106 0x1218  RpcEptMapper - ok
02:58:09.0121 0x1218  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
02:58:09.0121 0x1218  RpcLocator - ok
02:58:09.0137 0x1218  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
02:58:09.0152 0x1218  RpcSs - ok
02:58:09.0168 0x1218  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
02:58:09.0184 0x1218  rspndr - ok
02:58:09.0199 0x1218  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
02:58:09.0215 0x1218  RTL8192cu - ok
02:58:09.0215 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
02:58:09.0230 0x1218  SamSs - ok
02:58:09.0230 0x1218  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
02:58:09.0246 0x1218  sbp2port - ok
02:58:09.0246 0x1218  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
02:58:09.0277 0x1218  SCardSvr - ok
02:58:09.0277 0x1218  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
02:58:09.0293 0x1218  scfilter - ok
02:58:09.0324 0x1218  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
02:58:09.0355 0x1218  Schedule - ok
02:58:09.0371 0x1218  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
02:58:09.0386 0x1218  SCPolicySvc - ok
02:58:09.0386 0x1218  [ 1CA5A783B10EC897FCE91CF220D6C517, DCBCD9E90C73F883B9A55D972CF99F25373049B7684E6738E1E213A20369A5E6 ] scvad_simple    C:\Windows\system32\drivers\SplitCamAudio.sys
02:58:09.0386 0x1218  scvad_simple - ok
02:58:09.0402 0x1218  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
02:58:09.0402 0x1218  SDRSVC - ok
02:58:09.0418 0x1218  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
02:58:09.0433 0x1218  secdrv - ok
02:58:09.0433 0x1218  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
02:58:09.0449 0x1218  seclogon - ok
02:58:09.0464 0x1218  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
02:58:09.0480 0x1218  SENS - ok
02:58:09.0480 0x1218  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
02:58:09.0496 0x1218  SensrSvc - ok
02:58:09.0496 0x1218  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
02:58:09.0496 0x1218  Serenum - ok
02:58:09.0511 0x1218  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
02:58:09.0511 0x1218  Serial - ok
02:58:09.0511 0x1218  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
02:58:09.0527 0x1218  sermouse - ok
02:58:09.0527 0x1218  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
02:58:09.0558 0x1218  SessionEnv - ok
02:58:09.0558 0x1218  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
02:58:09.0574 0x1218  sffdisk - ok
02:58:09.0574 0x1218  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
02:58:09.0574 0x1218  sffp_mmc - ok
02:58:09.0589 0x1218  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
02:58:09.0589 0x1218  sffp_sd - ok
02:58:09.0589 0x1218  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
02:58:09.0605 0x1218  sfloppy - ok
02:58:09.0605 0x1218  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
02:58:09.0636 0x1218  SharedAccess - ok
02:58:09.0652 0x1218  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:58:09.0683 0x1218  ShellHWDetection - ok
02:58:09.0683 0x1218  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:58:09.0683 0x1218  SiSRaid2 - ok
02:58:09.0683 0x1218  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
02:58:09.0698 0x1218  SiSRaid4 - ok
02:58:09.0698 0x1218  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
02:58:09.0730 0x1218  Smb - ok
02:58:09.0730 0x1218  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
02:58:09.0730 0x1218  SNMPTRAP - ok
02:58:09.0745 0x1218  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
02:58:09.0745 0x1218  spldr - ok
02:58:09.0761 0x1218  [ 8FD02AA2AB0A0EB8960E54833C779AC7, D5B63AE609D615E1E8CCCDDB6706CFC5A81190E1C16F521BD044760A3EF889F3 ] SpliCamService  C:\Program Files (x86)\SplitCam\SplitCamService.exe
02:58:09.0761 0x1218  SpliCamService - ok
02:58:09.0761 0x1218  [ 64065FFE37680ACACE4D2C8F3CF20541, F6D2883509C6B49180385AE850A6A50052C6450B7CC3DAFDEF551895EE37D444 ] splitcam_hd_driver C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys
02:58:09.0776 0x1218  splitcam_hd_driver - ok
02:58:09.0792 0x1218  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
02:58:09.0808 0x1218  Spooler - ok
02:58:09.0870 0x1218  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
02:58:09.0948 0x1218  sppsvc - ok
02:58:09.0948 0x1218  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
02:58:09.0979 0x1218  sppuinotify - ok
02:58:09.0979 0x1218  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
02:58:09.0995 0x1218  srv - ok
02:58:10.0010 0x1218  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
02:58:10.0026 0x1218  srv2 - ok
02:58:10.0026 0x1218  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
02:58:10.0042 0x1218  srvnet - ok
02:58:10.0042 0x1218  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
02:58:10.0073 0x1218  SSDPSRV - ok
02:58:10.0073 0x1218  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
02:58:10.0088 0x1218  SstpSvc - ok
02:58:10.0104 0x1218  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
02:58:10.0104 0x1218  ssudmdm - ok
02:58:10.0120 0x1218  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
02:58:10.0151 0x1218  ss_conn_service - ok
02:58:10.0151 0x1218  [ 0398BF35F898BA77033E678609AAB64F, E48D2E1E1C8FD314340BA1AA69E8942F630139B1E7019C8828BA5525444320D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
02:58:10.0182 0x1218  Steam Client Service - ok
02:58:10.0182 0x1218  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
02:58:10.0182 0x1218  stexstor - ok
02:58:10.0182 0x1218  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
02:58:10.0198 0x1218  StillCam - ok
02:58:10.0198 0x1218  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
02:58:10.0229 0x1218  stisvc - ok
02:58:10.0229 0x1218  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
02:58:10.0229 0x1218  swenum - ok
02:58:10.0244 0x1218  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
02:58:10.0276 0x1218  swprv - ok
02:58:10.0307 0x1218  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
02:58:10.0354 0x1218  SysMain - ok
02:58:10.0369 0x1218  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:58:10.0369 0x1218  TabletInputService - ok
02:58:10.0385 0x1218  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
02:58:10.0385 0x1218  tap0901 - ok
02:58:10.0385 0x1218  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
02:58:10.0416 0x1218  TapiSrv - ok
02:58:10.0416 0x1218  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
02:58:10.0447 0x1218  TBS - ok
02:58:10.0478 0x1218  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
02:58:10.0525 0x1218  Tcpip - ok
02:58:10.0556 0x1218  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
02:58:10.0588 0x1218  TCPIP6 - ok
02:58:10.0603 0x1218  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
02:58:10.0603 0x1218  tcpipreg - ok
02:58:10.0603 0x1218  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
02:58:10.0619 0x1218  TDPIPE - ok
02:58:10.0619 0x1218  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
02:58:10.0634 0x1218  TDTCP - ok
02:58:10.0634 0x1218  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
02:58:10.0650 0x1218  tdx - ok
02:58:10.0728 0x1218  [ 6CA83C69643E7BF144A428B7BDC7D630, DB015BA4428509E1D5BE74FEFB446A29D316564617EB15A379424B3FCE3B74A9 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
02:58:10.0806 0x1218  TeamViewer - ok
02:58:10.0806 0x1218  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
02:58:10.0822 0x1218  TermDD - ok
02:58:10.0837 0x1218  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
02:58:10.0853 0x1218  TermService - ok
02:58:10.0853 0x1218  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
02:58:10.0868 0x1218  Themes - ok
02:58:10.0868 0x1218  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
02:58:10.0884 0x1218  THREADORDER - ok
02:58:10.0900 0x1218  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
02:58:10.0915 0x1218  TrkWks - ok
02:58:10.0915 0x1218  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:58:10.0946 0x1218  TrustedInstaller - ok
02:58:10.0946 0x1218  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
02:58:10.0962 0x1218  tssecsrv - ok
02:58:10.0962 0x1218  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
02:58:10.0962 0x1218  TsUsbFlt - ok
02:58:10.0962 0x1218  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
02:58:10.0993 0x1218  tunnel - ok
02:58:10.0993 0x1218  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\Windows\system32\DRIVERS\t_mouse.sys
02:58:10.0993 0x1218  t_mouse.sys - ok
02:58:11.0009 0x1218  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
02:58:11.0009 0x1218  uagp35 - ok
02:58:11.0024 0x1218  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
02:58:11.0040 0x1218  udfs - ok
02:58:11.0040 0x1218  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
02:58:11.0056 0x1218  UI0Detect - ok
02:58:11.0056 0x1218  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
02:58:11.0071 0x1218  uliagpkx - ok
02:58:11.0071 0x1218  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
02:58:11.0071 0x1218  umbus - ok
02:58:11.0087 0x1218  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
02:58:11.0087 0x1218  UmPass - ok
02:58:11.0102 0x1218  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
02:58:11.0118 0x1218  upnphost - ok
02:58:11.0134 0x1218  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
02:58:11.0134 0x1218  usbaudio - ok
02:58:11.0134 0x1218  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
02:58:11.0149 0x1218  usbccgp - ok
02:58:11.0149 0x1218  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
02:58:11.0165 0x1218  usbcir - ok
02:58:11.0165 0x1218  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
02:58:11.0180 0x1218  usbehci - ok
02:58:11.0180 0x1218  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
02:58:11.0196 0x1218  usbhub - ok
02:58:11.0212 0x1218  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
02:58:11.0212 0x1218  usbohci - ok
02:58:11.0212 0x1218  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
02:58:11.0227 0x1218  usbprint - ok
02:58:11.0227 0x1218  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:58:11.0243 0x1218  USBSTOR - ok
02:58:11.0243 0x1218  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
02:58:11.0243 0x1218  usbuhci - ok
02:58:11.0243 0x1218  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
02:58:11.0258 0x1218  usbvideo - ok
02:58:11.0258 0x1218  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
02:58:11.0290 0x1218  UxSms - ok
02:58:11.0290 0x1218  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
02:58:11.0290 0x1218  VaultSvc - ok
02:58:11.0305 0x1218  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
02:58:11.0305 0x1218  vdrvroot - ok
02:58:11.0321 0x1218  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
02:58:11.0352 0x1218  vds - ok
02:58:11.0352 0x1218  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
02:58:11.0352 0x1218  vga - ok
02:58:11.0368 0x1218  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
02:58:11.0383 0x1218  VgaSave - ok
02:58:11.0383 0x1218  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
02:58:11.0399 0x1218  vhdmp - ok
02:58:11.0399 0x1218  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
02:58:11.0399 0x1218  viaide - ok
02:58:11.0414 0x1218  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
02:58:11.0414 0x1218  volmgr - ok
02:58:11.0430 0x1218  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
02:58:11.0430 0x1218  volmgrx - ok
02:58:11.0446 0x1218  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
02:58:11.0461 0x1218  volsnap - ok
02:58:11.0461 0x1218  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
02:58:11.0477 0x1218  vsmraid - ok
02:58:11.0508 0x1218  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
02:58:11.0555 0x1218  VSS - ok
02:58:11.0555 0x1218  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
02:58:11.0570 0x1218  vwifibus - ok
02:58:11.0570 0x1218  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
02:58:11.0586 0x1218  vwififlt - ok
02:58:11.0586 0x1218  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
02:58:11.0617 0x1218  W32Time - ok
02:58:11.0617 0x1218  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
02:58:11.0633 0x1218  WacomPen - ok
02:58:11.0633 0x1218  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
02:58:11.0664 0x1218  WANARP - ok
02:58:11.0664 0x1218  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
02:58:11.0680 0x1218  Wanarpv6 - ok
02:58:11.0711 0x1218  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
02:58:11.0742 0x1218  wbengine - ok
02:58:11.0742 0x1218  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
02:58:11.0758 0x1218  WbioSrvc - ok
02:58:11.0773 0x1218  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
02:58:11.0789 0x1218  wcncsvc - ok
02:58:11.0789 0x1218  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:58:11.0804 0x1218  WcsPlugInService - ok
02:58:11.0804 0x1218  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
02:58:11.0820 0x1218  Wd - ok
02:58:11.0836 0x1218  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
02:58:11.0851 0x1218  Wdf01000 - ok
02:58:11.0851 0x1218  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
02:58:11.0867 0x1218  WdiServiceHost - ok
02:58:11.0867 0x1218  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
02:58:11.0867 0x1218  WdiSystemHost - ok
02:58:11.0882 0x1218  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
02:58:11.0898 0x1218  WebClient - ok
02:58:11.0898 0x1218  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
02:58:11.0929 0x1218  Wecsvc - ok
02:58:11.0929 0x1218  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
02:58:11.0945 0x1218  wercplsupport - ok
02:58:11.0960 0x1218  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
02:58:11.0976 0x1218  WerSvc - ok
02:58:11.0976 0x1218  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
02:58:11.0992 0x1218  WfpLwf - ok
02:58:12.0007 0x1218  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
02:58:12.0007 0x1218  WIMMount - ok
02:58:12.0007 0x1218  WinDefend - ok
02:58:12.0007 0x1218  WinHttpAutoProxySvc - ok
02:58:12.0023 0x1218  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
02:58:12.0038 0x1218  Winmgmt - ok
02:58:12.0085 0x1218  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
02:58:12.0116 0x1218  WinRM - ok
02:58:12.0132 0x1218  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
02:58:12.0132 0x1218  WinUsb - ok
02:58:12.0163 0x1218  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
02:58:12.0179 0x1218  Wlansvc - ok
02:58:12.0194 0x1218  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
02:58:12.0194 0x1218  WmiAcpi - ok
02:58:12.0194 0x1218  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
02:58:12.0210 0x1218  wmiApSrv - ok
02:58:12.0210 0x1218  WMPNetworkSvc - ok
02:58:12.0226 0x1218  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
02:58:12.0226 0x1218  WPCSvc - ok
02:58:12.0226 0x1218  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
02:58:12.0241 0x1218  WPDBusEnum - ok
02:58:12.0241 0x1218  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
02:58:12.0272 0x1218  ws2ifsl - ok
02:58:12.0272 0x1218  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
02:58:12.0288 0x1218  wscsvc - ok
02:58:12.0288 0x1218  WSearch - ok
02:58:12.0319 0x1218  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
02:58:12.0366 0x1218  wuauserv - ok
02:58:12.0382 0x1218  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
02:58:12.0382 0x1218  WudfPf - ok
02:58:12.0397 0x1218  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
02:58:12.0397 0x1218  WUDFRd - ok
02:58:12.0397 0x1218  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
02:58:12.0413 0x1218  wudfsvc - ok
02:58:12.0428 0x1218  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
02:58:12.0428 0x1218  WwanSvc - ok
02:58:12.0444 0x1218  ================ Scan global ===============================
02:58:12.0444 0x1218  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
02:58:12.0444 0x1218  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
02:58:12.0460 0x1218  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
02:58:12.0460 0x1218  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
02:58:12.0475 0x1218  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
02:58:12.0475 0x1218  [ Global ] - ok
02:58:12.0475 0x1218  ================ Scan MBR ==================================
02:58:12.0475 0x1218  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:58:12.0506 0x1218  \Device\Harddisk0\DR0 - ok
02:58:12.0538 0x1218  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
02:58:12.0600 0x1218  \Device\Harddisk1\DR1 - ok
02:58:12.0616 0x1218  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2
02:58:12.0678 0x1218  \Device\Harddisk2\DR2 - ok
02:58:12.0678 0x1218  ================ Scan VBR ==================================
02:58:12.0678 0x1218  [ 7BBDBEF73560D87FEA5C39E397AFDC46 ] \Device\Harddisk0\DR0\Partition1
02:58:12.0678 0x1218  \Device\Harddisk0\DR0\Partition1 - ok
02:58:12.0694 0x1218  [ 3432EDE2A7B8F3E73D7330E167C9CB32 ] \Device\Harddisk0\DR0\Partition2
02:58:12.0694 0x1218  \Device\Harddisk0\DR0\Partition2 - ok
02:58:12.0694 0x1218  [ 9BEC19E5519D94FE3CDDEA7486B2A91E ] \Device\Harddisk1\DR1\Partition1
02:58:12.0740 0x1218  \Device\Harddisk1\DR1\Partition1 - ok
02:58:12.0756 0x1218  [ 34C06E91BB64442142CA77B7D693AD42 ] \Device\Harddisk1\DR1\Partition2
02:58:12.0756 0x1218  \Device\Harddisk1\DR1\Partition2 - ok
02:58:12.0756 0x1218  [ A97C4610012178888FD8CC4BDE4DAC0E ] \Device\Harddisk1\DR1\Partition3
02:58:12.0756 0x1218  \Device\Harddisk1\DR1\Partition3 - ok
02:58:12.0756 0x1218  [ 8178AD706B39B8E88D7E152D2BA17ECE ] \Device\Harddisk2\DR2\Partition1
02:58:12.0756 0x1218  \Device\Harddisk2\DR2\Partition1 - ok
02:58:12.0756 0x1218  ================ Scan generic autorun ======================
02:58:12.0912 0x1218  [ 5BAD798CBAB39F3A56A9CD495320F67E, 668FB3F30DD99CBF9EBDDF4C079636DFD2C7693B3506AC8A6DD1B3CA4B5BAF11 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
02:58:13.0037 0x1218  RTHDVCPL - ok
02:58:13.0240 0x1218  [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe
02:58:13.0442 0x1218  Launch LCore - ok
02:58:13.0458 0x1218  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
02:58:13.0474 0x1218  ShadowPlay - ok
02:58:13.0505 0x1218  [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
02:58:13.0552 0x1218  NvBackend - ok
02:58:13.0567 0x1218  [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
02:58:13.0567 0x1218  USB3MON - ok
02:58:13.0598 0x1218  [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
02:58:13.0614 0x1218  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
02:58:16.0422 0x1218  Detect skipped due to KSN trusted
02:58:16.0422 0x1218  BrMfcWnd - ok
02:58:16.0578 0x1218  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
02:58:16.0672 0x1218  AvastUI.exe - ok
02:58:16.0687 0x1218  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
02:58:16.0719 0x1218  Sidebar - ok
02:58:16.0719 0x1218  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
02:58:16.0734 0x1218  mctadmin - ok
02:58:16.0765 0x1218  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
02:58:16.0781 0x1218  Sidebar - ok
02:58:16.0781 0x1218  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
02:58:16.0797 0x1218  mctadmin - ok
02:58:16.0797 0x1218  [ 3CA879373F4F5A7BC57E5DD0CA4CC282, 6AA3521AC3B4402330AAE5595967C7E9C6A028FB52747ADD5FDC76AF39504FA5 ] C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvstart.exe
02:58:16.0812 0x1218  TVTip - detected UnsignedFile.Multi.Generic ( 1 )
02:58:19.0480 0x1218  Detect skipped due to KSN trusted
02:58:19.0480 0x1218  TVTip - ok
02:58:19.0480 0x1218  Waiting for KSN requests completion. In queue: 5
02:58:20.0494 0x1218  Waiting for KSN requests completion. In queue: 5
02:58:21.0508 0x1218  Waiting for KSN requests completion. In queue: 5
02:58:22.0553 0x1218  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
02:58:22.0553 0x1218  Win FW state via NFP2: enabled
02:58:25.0314 0x1218  ============================================================
02:58:25.0314 0x1218  Scan finished
02:58:25.0314 0x1218  ============================================================
02:58:25.0314 0x0578  Detected object count: 1
02:58:25.0314 0x0578  Actual detected object count: 1
02:58:44.0689 0x0578  AVerRemote ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:44.0689 0x0578  AVerRemote ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
MBAR
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.22.01
  rootkit: v2015.05.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Ash :: ASH-PC [administrator]

22.05.2015 12:32:04
mbar-log-2015-05-22 (12-32-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 360110
Time elapsed: 4 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Scan mit TDSS Killer ergab ein Ergebnis, ist aber die Software meines DVBT Sticks, wie das letzte mal auch.
Muss ich mir Sorgen machen oder machen die auch dicht, bzw bekomme ich so ne Mail,
wenn evtl mein Postfach ge-bruteforce'd wurde?
Sollte ich die jungs bei GMX mal anrufen und nachfragen, wenn auch 0900 nummer?
Wollte auch mal mit Avira Rescue Live CD booten und scannen, hing sich aber immer auf :/

Vielen Dank schonmal für deine Zeit!
__________________

Alt 23.05.2015, 17:53   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



Hi,

Passwort ändern und beobachten ob es nochmal vorkommt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.05.2015, 22:26   #5
TattooPanda
 
Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



ok, danke.


Alt 24.05.2015, 19:16   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Zugriff auf GMX durch dritte. Trojaner o.ä.? - Standard

Zugriff auf GMX durch dritte. Trojaner o.ä.?



kein Problem
__________________
--> Zugriff auf GMX durch dritte. Trojaner o.ä.?

Antwort

Themen zu Zugriff auf GMX durch dritte. Trojaner o.ä.?
antivirus, avast, bonjour, browser, computer, defender, e-mail, helper, home, installation, launch, mozilla, panda usb vaccine, realtek, registry, rundll, scan, schutz, security, sicherheit, software, svchost.exe, tcp, trojaner, usb, vista, windows



Ähnliche Themen: Zugriff auf GMX durch dritte. Trojaner o.ä.?


  1. Windows 8.1: Zugriff auf Router durch Fremdsoftware?
    Log-Analyse und Auswertung - 02.10.2015 (6)
  2. t-online Adresse eingeschränkt wg. mögl. Nutzung meines eMail Kontos durch Dritte
    Log-Analyse und Auswertung - 03.03.2015 (15)
  3. Browser- und Googleverlauf durch Dritte verändert
    Plagegeister aller Art und deren Bekämpfung - 29.12.2014 (1)
  4. Battle.net Passwort wurde durch dritte geändert
    Log-Analyse und Auswertung - 17.08.2014 (4)
  5. Win Live Mail unter OS Win8.1 - Konto durch Dritte übernommen?
    Log-Analyse und Auswertung - 30.07.2014 (10)
  6. Zugriff durch zugangsdaten ?
    Diskussionsforum - 04.04.2014 (1)
  7. GenVariant.Jaik.462, Zugriff durch rundll32.exe
    Plagegeister aller Art und deren Bekämpfung - 09.02.2014 (10)
  8. LG-Smartphones: Root-Zugriff durch Backup-Programm
    Nachrichten - 25.06.2013 (0)
  9. Online Banking Zugriff durch Trojaner - Laptop neu aufsetzen?
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (4)
  10. System Progressive Protection - die Dritte
    Plagegeister aller Art und deren Bekämpfung - 28.09.2012 (18)
  11. Trojaner durch E-Mail eingefangen - Zugriff auf Rechner nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 23.05.2012 (5)
  12. Zugriff auf System durch OTLPE
    Log-Analyse und Auswertung - 11.05.2012 (3)
  13. Datei- und Druckerfreigabe - Zugriff durch Fremde übers Internet?
    Alles rund um Windows - 27.04.2012 (3)
  14. Übernahme der Peripheriekontrolle durch unautorisierten Remote-Zugriff
    Log-Analyse und Auswertung - 11.01.2012 (13)
  15. Westernunion die dritte...
    Plagegeister aller Art und deren Bekämpfung - 20.10.2011 (16)
  16. Nach Virenbefall durch Microsoft Recovery kein Zugriff mehr auf C Platte.
    Plagegeister aller Art und deren Bekämpfung - 23.03.2011 (1)
  17. Vermute Zugriff von außen durch einen Dritten!!!
    Log-Analyse und Auswertung - 13.08.2009 (21)

Zum Thema Zugriff auf GMX durch dritte. Trojaner o.ä.? - Hallo Helfer! Problem : Heute eine E-Mail bekommen von GMX mit dem Inhalt: "GMX Sicherheit: Vorsorgliche Sicherheitssperre Ihres GMX Postfachs Unsere automatisierten Sicherheitssysteme haben Unregelmäßigkeiten beim Zugriff auf Ihr GMX - Zugriff auf GMX durch dritte. Trojaner o.ä.?...
Archiv
Du betrachtest: Zugriff auf GMX durch dritte. Trojaner o.ä.? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.