Ljay1894 | 17.09.2016 15:57 | Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Ljay (17-09-2016 16:38:44)
Gestartet von C:\Users\Ljay\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 16:16:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1394216866-2377116018-3699366936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1394216866-2377116018-3699366936-503 - Limited - Disabled)
Gast (S-1-5-21-1394216866-2377116018-3699366936-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1394216866-2377116018-3699366936-1003 - Limited - Enabled)
Ljay (S-1-5-21-1394216866-2377116018-3699366936-1001 - Administrator - Enabled) => C:\Users\Ljay
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
American Truck Simulator (HKLM\...\Steam App 270880) (Version: - SCS Software)
AnkhBotR2 version 1.0.0.64 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.0.64 - Marcin Swierzowski aka AnkhHeart)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company 2 (HKLM\...\Steam App 24960) (Version: - DICE)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Bloody6 (HKLM-x32\...\Bloody3) (Version: 16.07.0005 - Bloody)
Core Temp 1.3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.3 - ALCPU)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
DeepBot - Twitch Streamer Assistant (HKLM-x32\...\{2AD6838A-8827-4B70-83DB-0CDA4DF54C84}) (Version: 0.9.8.0 - DeepBot.tv)
Discord (HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Elgato Game Capture HD (HKLM\...\{4168DC82-DDA7-46D8-A111-4439B31B671F}) (Version: 3.20.21.1521 - Elgato Systems GmbH)
ESL Wire 1.19.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
Farming Simulator 15 (HKLM\...\Steam App 313160) (Version: - Giants Software)
Fernbus Simulator (HKLM\...\Steam App 427100) (Version: - TML-Studios)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the West (HKLM\...\Steam App 440090) (Version: - Tripwire Interactive)
Insurgency (HKLM\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Moobot Assistant (HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\40790fab0e175d6b) (Version: 1.0.0.1 - Knudsen Apps)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.15.1 - OBS Project)
OMSI 2 (HKLM\...\Steam App 252530) (Version: - MR-Software GbR)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Primal Carnage: Extinction (HKLM\...\Steam App 321360) (Version: - Circle Five Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM\...\Steam App 35450) (Version: - Tripwire Interactive)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Pirate: Caribbean Hunt (HKLM\...\Steam App 512470) (Version: - Home Net Games)
TruckersMP 0.2.1.0.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.0.2 Alpha - ETS2MP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1394216866-2377116018-3699366936-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ljay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {376C2C86-FE0A-4ED7-A964-767B9C4E1E00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {472C02D5-F52F-47FE-85AB-348E844C242A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-17] (Adobe Systems Incorporated)
Task: {49174651-4AAF-4543-9790-7E9CBA70C473} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {576DD5BC-D833-457C-B52F-EBB2FC7042CF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {8642FA8B-A5FF-49DA-A62D-CD903EA49E8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-16] (Google Inc.)
Task: {89DC7228-3B9A-4D28-B2E3-7B88BFD9FD1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-16] (Google Inc.)
Task: {A752261B-8654-4753-B663-38EA5799E566} - System32\Tasks\update-S-1-5-21-1394216866-2377116018-3699366936-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {B51972F9-9BD0-4AB1-A965-58E72D3C0C57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C2EDBB85-3639-4F0B-9AE0-D76F679A2B87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D22FF57C-DE6E-4712-A1F9-9FE11DA46180} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1394216866-2377116018-3699366936-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-16 17:11 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-04 17:54 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-04 17:53 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-05-01 18:46 - 2016-04-12 14:39 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2016-05-01 18:46 - 2016-04-14 10:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-24 18:40 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-18 13:55 - 2016-07-23 01:48 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-04-30 21:42 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-24 18:40 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-30 21:42 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-16 17:11 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 18:20 - 2016-08-04 18:20 - 00959168 _____ () C:\Users\Ljay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-16 17:11 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-16 17:11 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-16 17:11 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-16 17:11 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-16 17:11 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-16 17:11 - 2016-09-07 06:35 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-16 17:11 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-16 17:11 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-10 17:51 - 2016-09-10 17:51 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-10 17:51 - 2016-09-10 17:51 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-10 17:51 - 2016-09-10 17:51 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-16 17:11 - 2016-09-07 06:34 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-07-13 17:44 - 2016-03-29 14:53 - 00216456 _____ () C:\WINDOWS\SYSTEM32\MZ0380.X64.AX
2016-07-13 17:44 - 2016-03-29 14:53 - 00453000 _____ () C:\WINDOWS\SYSTEM32\MZ0380.C64.AX
2016-09-16 20:09 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-16 20:09 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-16 17:11 - 2016-09-07 06:34 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-09-16 17:11 - 2016-09-07 06:34 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-09-15 11:19 - 2016-09-15 11:19 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.41.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-08-04 17:53 - 2016-09-17 16:34 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-08-04 17:53 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-03-24 18:40 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-03 17:48 - 2014-04-03 17:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2016-05-01 12:22 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ljay\Pictures\254296.png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\StartupFolder: => "FacebookGamesNotifier.exe.lnk"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "ESL Wire"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-1394216866-2377116018-3699366936-1001\...\StartupApproved\Run: => "Speech Recognition"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{4F38BC18-590B-4C83-B63F-E9628525AF04}C:\users\ljay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ljay\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7FC49A0D-0119-42F7-826C-4DF978561EA7}C:\users\ljay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ljay\appdata\roaming\spotify\spotify.exe
FirewallRules: [{825F9881-885B-42F5-8952-8E3B7ED2879C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{9B1F31AC-7F81-4641-A320-E694F60FC6DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{1C0D587B-7797-42E7-BFA1-60C159F13B7C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C98ACBD7-F78D-4BF5-A769-FBC6AF02D696}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C33BE1F4-6B97-4CD3-B6A2-3B6D0E52FE6D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{09970102-380E-44C7-A8CB-CB92CFCFCF5C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67CF1339-960D-4CFC-9785-38507C2104D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A1269A91-66E9-48AA-9855-C500D31623B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5900C306-4844-4FE7-96D2-2AB188E5EB46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{A6D66601-CB2A-4715-BF09-8CA96D4BFF96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{A652E24C-3AB8-46DD-8FAA-D5676B7088C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Primal Carnage Extinction\Binaries\Win64\PrimalCarnageGame.exe
FirewallRules: [{8FE7A578-2256-48A5-AFD3-F3AA2B45EBBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Primal Carnage Extinction\Binaries\Win64\PrimalCarnageGame.exe
FirewallRules: [{056E8F8B-86C7-474D-AD0A-530917789603}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{7FB50762-66E7-46AC-B67C-29D3F6AE4EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{ADEA260D-C8E3-474E-811F-6CDBF2FD35E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{F87CF664-4843-41E8-831E-468543B286D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{3A9BC3D8-C4A7-4616-9594-11DD69EF3F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe
FirewallRules: [{FF872CB2-7B8D-414D-A7D5-9477785E439A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe
FirewallRules: [{C0776ADC-4651-4595-8F4F-B23BA4C4EE3D}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{8CFD9467-2D7D-4895-B880-B66B8E4A8396}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{B5A49ED3-DDC4-4E9A-BD62-EF59D0336119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{9C87F8C8-A4CC-423D-8A5C-1A76DA4A8C3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [UDP Query User{C14444EA-0A7A-4DB0-A306-AAAD9B09C642}C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [TCP Query User{DB8D6705-F971-4E6E-8D5F-EFF356CE7CEB}C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{61DC14A7-5A72-44DC-9F4F-BF0F446E5956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{0BF59AE4-6F6A-47AF-B6D3-841DA08F9676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A046F044-A858-4B2B-8AE3-7CD970A1BDD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{D01B5F9B-99D2-4A6A-8EEA-0BE3D88A0437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{527FF524-3D44-4783-BF6C-16549347730B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A349BF3B-FDEF-469F-A150-EA21BFB7692B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{C329E204-C5B8-417F-849C-A2C6EDB0E93F}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{D18BBD2A-8892-4A97-AF51-4107BA452EDC}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{E3D14C5D-58B7-4A18-B1FD-25B82DD4B687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{DBD18C42-ED6E-4739-998F-842B44A883C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{4039399F-CD12-4639-ABE4-B1994D678EA8}C:\users\ljay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ljay\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B111D218-9C27-4656-8D00-5ECA74F6C464}C:\users\ljay\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ljay\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CE1DB10-8A99-41D3-A4E9-685608EE92FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{6BE90CF4-1432-435C-8EE9-8430756FE357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{58AB0ED0-49AB-44D6-9377-BAF2E4CC7E7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{1BE8EF7E-EC26-42FA-BA6D-A479D5A25B7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [UDP Query User{A24C5552-E148-4DFD-B1B1-EC967E408B9A}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{D50942F1-D19A-4EA9-8FC9-6B8BE3F8FAD5}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{E394D9E0-F3F9-439E-8381-42E5D038D1B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{CDDAEDDA-99DC-4B1E-B485-0406F9B0B7A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1EEEE5C9-29FB-41F9-9B88-FE5B87AD6FA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{7A970D9A-EBCD-4C23-9243-5B7A1B00AD0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6CEC7C42-8E1E-4BB9-B5C4-125ED6A14995}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{76B7155E-156E-4C23-8885-28B7F8AFCFD0}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{B9880E98-67A6-4997-A6EC-86AE03F0FE85}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{AA999C75-DC4C-4E5C-8C8B-2789C3BF6741}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [{5E472554-34C4-465C-A01D-B7130A9671C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [{0AD98485-78C9-42F2-B756-B7E987F6AD41}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A4955845-E0B1-417E-9733-1353A8A33F58}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{716929BD-96FD-4EE0-8570-03C03AAD89FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38F483A2-7102-4B3C-BC88-60F2830C809E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{12E2544A-03DB-4865-A95A-8CC8F0EE3022}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C745E59E-207C-4B35-BF41-DE15B864D187}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9566EC9E-0599-4F7E-8C86-6458008C939F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2333AE5A-EB30-4700-B6A0-9F7D4FB8E7BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{77F6479D-9989-44F0-B64D-70171716DD6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC71B5BE-1DE0-4202-89CA-B62D25030B60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{07306D8C-F7A1-4AFC-A2A8-45B24C80388B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{45E7E0EC-F075-4E37-ABC2-572F0CFE4FA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6971D94F-3615-4832-9CE0-419C754DD933}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{EC9EAC13-B8F9-498F-AC29-06867143F965}C:\users\ljay\downloads\bombsquad_server_windows_1.4.96\bombsquad_server_windows_1.4.96\bs_headless.exe] => (Allow) C:\users\ljay\downloads\bombsquad_server_windows_1.4.96\bombsquad_server_windows_1.4.96\bs_headless.exe
FirewallRules: [UDP Query User{E8E73F9E-1F04-46F1-9D0E-937950F9DB8E}C:\users\ljay\downloads\bombsquad_server_windows_1.4.96\bombsquad_server_windows_1.4.96\bs_headless.exe] => (Allow) C:\users\ljay\downloads\bombsquad_server_windows_1.4.96\bombsquad_server_windows_1.4.96\bs_headless.exe
FirewallRules: [TCP Query User{6B9137F9-2C11-4755-914F-57DB2E9057C2}C:\users\ljay\downloads\bombsquad_server_windows_1.4.96 (1)\bombsquad_server_windows_1.4.96\bs_headless.exe] => (Allow) C:\users\ljay\downloads\bombsquad_server_windows_1.4.96 (1)\bombsquad_server_windows_1.4.96\bs_headless.exe
FirewallRules: [UDP Query User{390C9270-6AD5-483C-BA98-73B12FAA3F9D}C:\users\ljay\downloads\bombsquad_server_windows_1.4.96 (1)\bombsquad_server_windows_1.4.96\bs_headless.exe] => (Allow) C:\users\ljay\downloads\bombsquad_server_windows_1.4.96 (1)\bombsquad_server_windows_1.4.96\bs_headless.exe
FirewallRules: [{04C8B29A-FC6D-4142-B337-1A8F194AF454}] => (Allow) C:\Users\Ljay\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{11B2887D-F52F-4219-8609-CE944FD01EDD}] => (Allow) C:\Users\Ljay\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{483C7F60-5D78-4904-A807-1C868A3D84CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{6C2C3E71-DB75-4A2F-AC95-A93A0D037ACE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{57DE50A6-EC61-492F-BA28-123BB230AD7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fernbus Simulator\Fernbus.exe
FirewallRules: [{4E72EC62-5714-4A89-B148-8040F7ABDE11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fernbus Simulator\Fernbus.exe
FirewallRules: [TCP Query User{FB7B8312-33FE-492A-A3EF-746F7FA305F2}C:\program files (x86)\steam\steamapps\common\fernbus simulator\fernbus\binaries\win64\fernbus-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fernbus simulator\fernbus\binaries\win64\fernbus-win64-shipping.exe
FirewallRules: [UDP Query User{F7515834-87FC-414E-8971-CA1AC207633C}C:\program files (x86)\steam\steamapps\common\fernbus simulator\fernbus\binaries\win64\fernbus-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fernbus simulator\fernbus\binaries\win64\fernbus-win64-shipping.exe
FirewallRules: [{658DBD3E-4E85-45F8-BCCA-F5E50823FADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Pirate Caribbean Hunt\ThePirate.exe
FirewallRules: [{7D7B143E-C037-43F0-9059-C422489397DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Pirate Caribbean Hunt\ThePirate.exe
FirewallRules: [TCP Query User{6E934B2C-4189-4C95-A59E-F5340DE8DDA4}C:\deepbot - twitch streamer assistant\deepbot.exe] => (Allow) C:\deepbot - twitch streamer assistant\deepbot.exe
FirewallRules: [UDP Query User{BED848B8-8095-4EA6-86A5-F1E728D90E46}C:\deepbot - twitch streamer assistant\deepbot.exe] => (Allow) C:\deepbot - twitch streamer assistant\deepbot.exe
FirewallRules: [{AD6D42A9-722B-4F83-B23E-2C0B5089DB6B}] => (Allow) C:\Users\Ljay\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{DFE22E8E-534F-411D-916B-0F4FA1623BB4}] => (Allow) C:\Users\Ljay\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{753B6006-C92C-420A-AC0F-078163B88235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BA53EBD0-63B7-421C-BEAB-486459804528}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A6533521-7B02-4D8B-98FD-E9C6BA4CB654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{18940D54-323D-4870-BEBF-FB9E7B2A471B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{67883821-80A5-4437-A931-B4CDED324A04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8002E953-306D-440D-89DF-B47812022FD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1CC7A415-FFF7-4DA0-8E32-8B8ECE0053A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7991AF52-C531-43F0-BA7C-7E2D0F0B844A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{37D7CBA4-738B-4D89-B923-219F88C2AE26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
==================== Wiederherstellungspunkte =========================
16-09-2016 00:05:31 AA11
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/16/2016 08:29:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-SCSTULD)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/16/2016 08:29:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CHXSmartScreen.exe, Version: 0.0.0.0, Zeitstempel: 0x57899bb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d68ab
ID des fehlerhaften Prozesses: 0x25ac
Startzeit der fehlerhaften Anwendung: 0x01d2104846369e9f
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: e58339cd-b038-4689-9581-d2148f936bfb
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/16/2016 08:29:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-SCSTULD)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/16/2016 08:29:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CHXSmartScreen.exe, Version: 0.0.0.0, Zeitstempel: 0x57899bb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d68ab
ID des fehlerhaften Prozesses: 0xa54
Startzeit der fehlerhaften Anwendung: 0x01d2104843e3ade3
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: cc8c7e08-2b33-4ba8-a432-9c35bf46e518
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/16/2016 08:29:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-SCSTULD)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/16/2016 08:29:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CHXSmartScreen.exe, Version: 0.0.0.0, Zeitstempel: 0x57899bb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d68ab
ID des fehlerhaften Prozesses: 0x1060
Startzeit der fehlerhaften Anwendung: 0x01d2104840c13231
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 98466e3b-c1e6-4b19-9d16-41f17e50f688
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/16/2016 08:29:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-SCSTULD)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/16/2016 08:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CHXSmartScreen.exe, Version: 0.0.0.0, Zeitstempel: 0x57899bb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d68ab
ID des fehlerhaften Prozesses: 0x388
Startzeit der fehlerhaften Anwendung: 0x01d210483df3d84c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 56ab9203-2232-4047-afb2-fc839761a211
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/16/2016 08:28:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-SCSTULD)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/16/2016 08:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CHXSmartScreen.exe, Version: 0.0.0.0, Zeitstempel: 0x57899bb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d68ab
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0x01d2104821da3fe9
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 73aef85b-2453-486b-997b-389d53e9ad37
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Systemfehler:
=============
Error: (09/17/2016 04:34:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/17/2016 04:33:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Dienst wurde nicht gestartet.
Error: (09/17/2016 04:33:54 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/17/2016 04:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8125.92 MB
Verfügbarer physikalischer RAM: 5524.77 MB
Summe virtueller Speicher: 9405.92 MB
Verfügbarer virtueller Speicher: 6534.81 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:920.1 GB) (Free:625.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================ TDSS Code:
16:41:54.0149 0x25c8 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
16:41:54.0149 0x25c8 UEFI system
16:41:57.0815 0x25c8 ============================================================
16:41:57.0815 0x25c8 Current date / time: 2016/09/17 16:41:57.0815
16:41:57.0815 0x25c8 SystemInfo:
16:41:57.0815 0x25c8
16:41:57.0815 0x25c8 OS Version: 10.0.14393 ServicePack: 0.0
16:41:57.0815 0x25c8 Product type: Workstation
16:41:57.0815 0x25c8 ComputerName: DESKTOP-SCSTULD
16:41:57.0815 0x25c8 UserName: Ljay
16:41:57.0815 0x25c8 Windows directory: C:\WINDOWS
16:41:57.0815 0x25c8 System windows directory: C:\WINDOWS
16:41:57.0815 0x25c8 Running under WOW64
16:41:57.0815 0x25c8 Processor architecture: Intel x64
16:41:57.0815 0x25c8 Number of processors: 4
16:41:57.0815 0x25c8 Page size: 0x1000
16:41:57.0815 0x25c8 Boot type: Normal boot
16:41:57.0815 0x25c8 CodeIntegrityOptions = 0x00000001
16:41:57.0815 0x25c8 ============================================================
16:41:58.0206 0x25c8 KLMD registered as C:\WINDOWS\system32\drivers\93847409.sys
16:41:58.0206 0x25c8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.187, osProperties = 0x19
16:41:58.0738 0x25c8 System UUID: {297F0700-237A-3116-317B-4499083F1778}
16:41:59.0354 0x25c8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:59.0385 0x25c8 ============================================================
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0:
16:41:59.0385 0x25c8 GPT partitions:
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D64D1385-ADA5-4232-8088-9E2D87C3A01C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E89648BE-B19F-48F2-A71C-9E2C5D985E5C}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x82000
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {408FEFCC-93F0-4F8A-BC00-B07D5746C2C7}, Name: Microsoft reserved partition, StartLBA 0x118800, BlocksNum 0x40000
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EBA03C83-B8EF-4981-A8FF-F0C288B7B26C}, Name: Basic data partition, StartLBA 0x158800, BlocksNum 0x73032000
16:41:59.0385 0x25c8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AEC4126E-F832-4E89-93C1-2E9379120552}, Name: Basic data partition, StartLBA 0x7318A800, BlocksNum 0x157C000
16:41:59.0385 0x25c8 MBR partitions:
16:41:59.0385 0x25c8 ============================================================
16:41:59.0470 0x25c8 C: <-> \Device\Harddisk0\DR0\Partition4
16:41:59.0470 0x25c8 ============================================================
16:41:59.0470 0x25c8 Initialize success
16:41:59.0470 0x25c8 ============================================================
16:42:32.0741 0x22c0 ============================================================
16:42:32.0741 0x22c0 Scan started
16:42:32.0741 0x22c0 Mode: Manual; SigCheck; TDLFS;
16:42:32.0741 0x22c0 ============================================================
16:42:32.0741 0x22c0 KSN ping started
16:42:33.0907 0x22c0 KSN ping finished: true
16:42:35.0901 0x22c0 ================ Scan system memory ========================
16:42:35.0901 0x22c0 System memory - ok
16:42:35.0901 0x22c0 ================ Scan services =============================
16:42:36.0017 0x22c0 1394ohci - ok
16:42:36.0017 0x22c0 3ware - ok
16:42:36.0038 0x22c0 ACPI - ok
16:42:36.0038 0x22c0 AcpiDev - ok
16:42:36.0038 0x22c0 acpiex - ok
16:42:36.0038 0x22c0 acpipagr - ok
16:42:36.0070 0x22c0 AcpiPmi - ok
16:42:36.0070 0x22c0 acpitime - ok
16:42:36.0138 0x22c0 [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:42:36.0169 0x22c0 AdobeFlashPlayerUpdateSvc - ok
16:42:36.0169 0x22c0 ADP80XX - ok
16:42:36.0185 0x22c0 AFD - ok
16:42:36.0185 0x22c0 ahcache - ok
16:42:36.0185 0x22c0 AJRouter - ok
16:42:36.0201 0x22c0 ALG - ok
16:42:36.0201 0x22c0 AmdK8 - ok
16:42:36.0238 0x22c0 [ A7820769AF79FF16DBF52133C00FEA80, 7D8B0B3A270F819C6E30123111C068598633B0AA9E68893FF4D9ECC457334593 ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
16:42:36.0239 0x22c0 amdkmpfd - ok
16:42:36.0239 0x22c0 AmdPPM - ok
16:42:36.0254 0x22c0 amdsata - ok
16:42:36.0254 0x22c0 amdsbs - ok
16:42:36.0254 0x22c0 amdxata - ok
16:42:36.0254 0x22c0 AppID - ok
16:42:36.0254 0x22c0 AppIDSvc - ok
16:42:36.0254 0x22c0 Appinfo - ok
16:42:36.0270 0x22c0 applockerfltr - ok
16:42:36.0270 0x22c0 AppReadiness - ok
16:42:36.0301 0x22c0 AppXSvc - ok
16:42:36.0301 0x22c0 arcsas - ok
16:42:36.0439 0x22c0 [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
16:42:36.0454 0x22c0 asComSvc - ok
16:42:36.0470 0x22c0 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
16:42:36.0470 0x22c0 AsIO - ok
16:42:36.0470 0x22c0 AsyncMac - ok
16:42:36.0486 0x22c0 atapi - ok
16:42:36.0486 0x22c0 AudioEndpointBuilder - ok
16:42:36.0501 0x22c0 Audiosrv - ok
16:42:36.0517 0x22c0 avchv - ok
16:42:36.0570 0x22c0 [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:42:36.0586 0x22c0 Avira.ServiceHost - ok
16:42:36.0639 0x22c0 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
16:42:36.0655 0x22c0 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
16:42:38.0187 0x22c0 Detect skipped due to KSN trusted
16:42:38.0187 0x22c0 AVM WLAN Connection Service - ok
16:42:38.0187 0x22c0 AxInstSV - ok
16:42:38.0187 0x22c0 b06bdrv - ok
16:42:38.0187 0x22c0 BasicDisplay - ok
16:42:38.0187 0x22c0 BasicRender - ok
16:42:38.0203 0x22c0 bcmfn - ok
16:42:38.0203 0x22c0 bcmfn2 - ok
16:42:38.0203 0x22c0 BDESVC - ok
16:42:38.0203 0x22c0 Beep - ok
16:42:38.0271 0x22c0 [ 34D35BFFB21DA168DE7E0F0D8AE7EA7A, 550B5D80332E0C7CEAAB23402E0059170F182595322A156BAC3AC7638B660A0C ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
16:42:38.0302 0x22c0 BEService - ok
16:42:38.0318 0x22c0 BFE - ok
16:42:38.0318 0x22c0 BITS - ok
16:42:38.0336 0x22c0 bowser - ok
16:42:38.0338 0x22c0 BrokerInfrastructure - ok
16:42:38.0340 0x22c0 Browser - ok
16:42:38.0356 0x22c0 BthAvrcpTg - ok
16:42:38.0356 0x22c0 BthHFEnum - ok
16:42:38.0356 0x22c0 bthhfhid - ok
16:42:38.0371 0x22c0 BthHFSrv - ok
16:42:38.0387 0x22c0 [ 105EB146330F2172551F062A3E6BB84E, 6D548E4164074F8C94411E2563F99434EC02B37FB2ABBBB8D576C986F787C0F9 ] BtHidBus C:\WINDOWS\System32\Drivers\BtHidBus.sys
16:42:38.0387 0x22c0 BtHidBus - ok
16:42:38.0403 0x22c0 BTHMODEM - ok
16:42:38.0403 0x22c0 bthserv - ok
16:42:38.0403 0x22c0 buttonconverter - ok
16:42:38.0471 0x22c0 [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
16:42:38.0503 0x22c0 c2cautoupdatesvc - ok
16:42:38.0551 0x22c0 [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
16:42:38.0584 0x22c0 c2cpnrsvc - ok
16:42:38.0589 0x22c0 CapImg - ok
16:42:38.0592 0x22c0 cdfs - ok
16:42:38.0595 0x22c0 CDPSvc - ok
16:42:38.0597 0x22c0 CDPUserSvc - ok
16:42:38.0633 0x22c0 cdrom - ok
16:42:38.0636 0x22c0 CertPropSvc - ok
16:42:38.0638 0x22c0 cht4iscsi - ok
16:42:38.0641 0x22c0 cht4vbd - ok
16:42:38.0644 0x22c0 circlass - ok
16:42:38.0647 0x22c0 CLFS - ok
16:42:38.0649 0x22c0 ClipSVC - ok
16:42:38.0651 0x22c0 clreg - ok
16:42:38.0658 0x22c0 CmBatt - ok
16:42:38.0661 0x22c0 CNG - ok
16:42:38.0663 0x22c0 cnghwassist - ok
16:42:38.0710 0x22c0 CompositeBus - ok
16:42:38.0712 0x22c0 COMSysApp - ok
16:42:38.0714 0x22c0 condrv - ok
16:42:38.0730 0x22c0 CoreMessagingRegistrar - ok
16:42:38.0735 0x22c0 CryptSvc - ok
16:42:38.0748 0x22c0 dam - ok
16:42:38.0751 0x22c0 dc1-controller - ok
16:42:38.0756 0x22c0 DcomLaunch - ok
16:42:38.0759 0x22c0 DcpSvc - ok
16:42:38.0763 0x22c0 defragsvc - ok
16:42:38.0765 0x22c0 DeviceAssociationService - ok
16:42:38.0767 0x22c0 DeviceInstall - ok
16:42:38.0770 0x22c0 DevQueryBroker - ok
16:42:38.0772 0x22c0 Dfsc - ok
16:42:38.0792 0x22c0 [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:42:38.0800 0x22c0 dg_ssudbus - ok
16:42:38.0803 0x22c0 Dhcp - ok
16:42:38.0812 0x22c0 diagnosticshub.standardcollector.service - ok
16:42:38.0815 0x22c0 DiagTrack - ok
16:42:38.0817 0x22c0 disk - ok
16:42:38.0844 0x22c0 DmEnrollmentSvc - ok
16:42:38.0847 0x22c0 dmvsc - ok
16:42:38.0855 0x22c0 dmwappushservice - ok
16:42:38.0858 0x22c0 Dnscache - ok
16:42:38.0862 0x22c0 dot3svc - ok
16:42:38.0865 0x22c0 DPS - ok
16:42:38.0872 0x22c0 drmkaud - ok
16:42:38.0875 0x22c0 DsmSvc - ok
16:42:38.0877 0x22c0 DsSvc - ok
16:42:38.0879 0x22c0 DXGKrnl - ok
16:42:38.0881 0x22c0 EapHost - ok
16:42:38.0883 0x22c0 ebdrv - ok
16:42:38.0905 0x22c0 EFS - ok
16:42:38.0907 0x22c0 EhStorClass - ok
16:42:38.0918 0x22c0 EhStorTcgDrv - ok
16:42:38.0932 0x22c0 [ F307D9ACAB942C9D6AB472D06EDAE099, 0464442AB9ABE4206FCF312AAB8B7F725F13F302B687E42EBC95519CFAB19B79 ] ElgatoVAD C:\WINDOWS\system32\DRIVERS\ElgatoVAD.sys
16:42:38.0937 0x22c0 ElgatoVAD - ok
16:42:38.0940 0x22c0 embeddedmode - ok
16:42:38.0942 0x22c0 EntAppSvc - ok
16:42:38.0944 0x22c0 ErrDev - ok
16:42:39.0042 0x22c0 [ A2941FF542EFF81B32575EB964A89E48, E0C98E6648EF0B2E4819FA5656A8EF79855C39E0C1D43FCD08B36F1951FBF71A ] EslWireHelper C:\Program Files\EslWire\service\WireHelperSvc.exe
16:42:39.0058 0x22c0 EslWireHelper - ok
16:42:39.0063 0x22c0 EventSystem - ok
16:42:39.0066 0x22c0 exfat - ok
16:42:39.0068 0x22c0 fastfat - ok
16:42:39.0071 0x22c0 Fax - ok
16:42:39.0074 0x22c0 fdc - ok
16:42:39.0076 0x22c0 fdPHost - ok
16:42:39.0079 0x22c0 FDResPub - ok
16:42:39.0081 0x22c0 fhsvc - ok
16:42:39.0100 0x22c0 FileCrypt - ok
16:42:39.0102 0x22c0 FileInfo - ok
16:42:39.0106 0x22c0 Filetrace - ok
16:42:39.0109 0x22c0 flpydisk - ok
16:42:39.0111 0x22c0 FltMgr - ok
16:42:39.0114 0x22c0 FontCache - ok
16:42:39.0218 0x22c0 FontCache3.0.0.0 - ok
16:42:39.0238 0x22c0 FrameServer - ok
16:42:39.0240 0x22c0 FsDepends - ok
16:42:39.0240 0x22c0 Fs_Rec - ok
16:42:39.0240 0x22c0 fvevol - ok
16:42:39.0240 0x22c0 gencounter - ok
16:42:39.0240 0x22c0 genericusbfn - ok
16:42:39.0334 0x22c0 [ F78BC07DCED5EDDD6D477E923620F8EA, ABE28155100A38A5E1B58FFC8099EF416145278B440A67B8DAFD7715FE412624 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:42:39.0356 0x22c0 GfExperienceService - ok
16:42:39.0356 0x22c0 GPIOClx0101 - ok
16:42:39.0356 0x22c0 gpsvc - ok
16:42:39.0356 0x22c0 GpuEnergyDrv - ok
16:42:39.0403 0x22c0 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:39.0419 0x22c0 gupdate - ok
16:42:39.0419 0x22c0 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:39.0419 0x22c0 gupdatem - ok
16:42:39.0419 0x22c0 HDAudBus - ok
16:42:39.0435 0x22c0 HidBatt - ok
16:42:39.0456 0x22c0 HidBth - ok
16:42:39.0456 0x22c0 hidi2c - ok
16:42:39.0456 0x22c0 hidinterrupt - ok
16:42:39.0456 0x22c0 HidIr - ok
16:42:39.0456 0x22c0 hidserv - ok
16:42:39.0472 0x22c0 HidUsb - ok
16:42:39.0487 0x22c0 HomeGroupListener - ok
16:42:39.0487 0x22c0 HomeGroupProvider - ok
16:42:39.0503 0x22c0 HpSAMD - ok
16:42:39.0503 0x22c0 HTTP - ok
16:42:39.0518 0x22c0 HvHost - ok
16:42:39.0535 0x22c0 hvservice - ok
16:42:39.0537 0x22c0 hwpolicy - ok
16:42:39.0539 0x22c0 hyperkbd - ok
16:42:39.0540 0x22c0 i8042prt - ok
16:42:39.0540 0x22c0 iagpio - ok
16:42:39.0540 0x22c0 iai2c - ok
16:42:39.0540 0x22c0 iaLPSS2i_GPIO2 - ok
16:42:39.0540 0x22c0 iaLPSS2i_I2C - ok
16:42:39.0540 0x22c0 iaLPSSi_GPIO - ok
16:42:39.0540 0x22c0 iaLPSSi_I2C - ok
16:42:39.0587 0x22c0 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:42:39.0603 0x22c0 iaStorA - ok
16:42:39.0603 0x22c0 iaStorAV - ok
16:42:39.0603 0x22c0 iaStorV - ok
16:42:39.0603 0x22c0 ibbus - ok
16:42:39.0619 0x22c0 icssvc - ok
16:42:39.0634 0x22c0 IKEEXT - ok
16:42:39.0637 0x22c0 IndirectKmd - ok
16:42:39.0718 0x22c0 [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:42:39.0804 0x22c0 IntcAzAudAddService - ok
16:42:39.0903 0x22c0 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:42:39.0942 0x22c0 Intel(R) Capability Licensing Service TCP IP Interface - ok
16:42:39.0942 0x22c0 intelide - ok
16:42:39.0957 0x22c0 intelpep - ok
16:42:39.0957 0x22c0 intelppm - ok
16:42:39.0973 0x22c0 iorate - ok
16:42:39.0973 0x22c0 IpFilterDriver - ok
16:42:40.0004 0x22c0 iphlpsvc - ok
16:42:40.0020 0x22c0 IPMIDRV - ok
16:42:40.0020 0x22c0 IPNAT - ok
16:42:40.0057 0x22c0 irda - ok
16:42:40.0057 0x22c0 IRENUM - ok
16:42:40.0057 0x22c0 irmon - ok
16:42:40.0057 0x22c0 isapnp - ok
16:42:40.0057 0x22c0 iScsiPrt - ok
16:42:40.0088 0x22c0 [ 689B5432F82705BDE9652A4BB1A5AF7D, 5188C06E3739A76702582C61D558CC52AE3B79328F837626BADDF2C3951076DC ] IvtAudioBusSrv C:\WINDOWS\System32\Drivers\IvtBtBus.sys
16:42:40.0103 0x22c0 IvtAudioBusSrv - ok
16:42:40.0145 0x22c0 [ 9CBE73FA49C2C9ACFF162D40ABD9E54F, CFEE108E9A09FED3AE860A7BCA1993CCB580C3EC3A4FDF8AFCDCCF505563F373 ] IvtPanBusSrv C:\WINDOWS\System32\Drivers\btnetBus.sys
16:42:40.0145 0x22c0 IvtPanBusSrv - ok
16:42:40.0192 0x22c0 [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:42:40.0192 0x22c0 jhi_service - ok
16:42:40.0192 0x22c0 kbdclass - ok
16:42:40.0192 0x22c0 kbdhid - ok
16:42:40.0207 0x22c0 kdnic - ok
16:42:40.0207 0x22c0 KeyIso - ok
16:42:40.0207 0x22c0 KSecDD - ok
16:42:40.0223 0x22c0 KSecPkg - ok
16:42:40.0258 0x22c0 ksthunk - ok
16:42:40.0289 0x22c0 KtmRm - ok
16:42:40.0305 0x22c0 LanmanServer - ok
16:42:40.0305 0x22c0 LanmanWorkstation - ok
16:42:40.0305 0x22c0 lfsvc - ok
16:42:40.0339 0x22c0 LicenseManager - ok
16:42:40.0341 0x22c0 lltdio - ok
16:42:40.0358 0x22c0 lltdsvc - ok
16:42:40.0374 0x22c0 lmhosts - ok
16:42:40.0421 0x22c0 [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:42:40.0438 0x22c0 LMS - ok
16:42:40.0442 0x22c0 LSI_SAS - ok
16:42:40.0442 0x22c0 LSI_SAS2i - ok
16:42:40.0442 0x22c0 LSI_SAS3i - ok
16:42:40.0442 0x22c0 LSI_SSS - ok
16:42:40.0442 0x22c0 LSM - ok
16:42:40.0442 0x22c0 luafv - ok
16:42:40.0509 0x22c0 [ E5ECF40E5FD459141E5F6685FFD51804, A120A6184AB16864E8A5F1DFD0CD178FCA541DE463B5CEF946E18C34B9B6F716 ] Lycosa C:\WINDOWS\system32\drivers\Lycosa.sys
16:42:40.0525 0x22c0 Lycosa - detected UnsignedFile.Multi.Generic ( 1 )
16:42:41.0742 0x22c0 Detect skipped due to KSN trusted
16:42:41.0742 0x22c0 Lycosa - ok
16:42:41.0758 0x22c0 MapsBroker - ok
16:42:41.0773 0x22c0 megasas - ok
16:42:41.0773 0x22c0 megasr - ok
16:42:41.0805 0x22c0 [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
16:42:41.0820 0x22c0 MEIx64 - ok
16:42:41.0840 0x22c0 MessagingService - ok
16:42:41.0858 0x22c0 mlx4_bus - ok
16:42:41.0858 0x22c0 MMCSS - ok
16:42:41.0858 0x22c0 Modem - ok
16:42:41.0889 0x22c0 monitor - ok
16:42:41.0889 0x22c0 mouclass - ok
16:42:41.0889 0x22c0 mouhid - ok
16:42:41.0889 0x22c0 mountmgr - ok
16:42:41.0942 0x22c0 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:42:41.0958 0x22c0 MozillaMaintenance - ok
16:42:41.0958 0x22c0 mpsdrv - ok
16:42:41.0958 0x22c0 MpsSvc - ok
16:42:41.0973 0x22c0 MRxDAV - ok
16:42:41.0989 0x22c0 mrxsmb - ok
16:42:41.0989 0x22c0 mrxsmb10 - ok
16:42:41.0989 0x22c0 mrxsmb20 - ok
16:42:42.0005 0x22c0 MsBridge - ok
16:42:42.0020 0x22c0 MSDTC - ok
16:42:42.0020 0x22c0 Msfs - ok
16:42:42.0042 0x22c0 msgpiowin32 - ok
16:42:42.0042 0x22c0 mshidkmdf - ok
16:42:42.0042 0x22c0 mshidumdf - ok
16:42:42.0042 0x22c0 msisadrv - ok
16:42:42.0058 0x22c0 MSiSCSI - ok
16:42:42.0058 0x22c0 msiserver - ok
16:42:42.0058 0x22c0 MSKSSRV - ok
16:42:42.0058 0x22c0 MsLldp - ok
16:42:42.0058 0x22c0 MSPCLOCK - ok
16:42:42.0074 0x22c0 MSPQM - ok
16:42:42.0074 0x22c0 MsRPC - ok
16:42:42.0074 0x22c0 mssmbios - ok
16:42:42.0074 0x22c0 MSTEE - ok
16:42:42.0074 0x22c0 MTConfig - ok
16:42:42.0074 0x22c0 Mup - ok
16:42:42.0089 0x22c0 mvumis - ok
16:42:42.0221 0x22c0 [ FFA4FF776B53CB4843E8CAE342218EC6, B6A1B8E11AE6B84FDA2714294AF9B58C527022DBDF87DAB0F97C8BB01EDF8725 ] MZ0380.X64 C:\WINDOWS\system32\DRIVERS\MZ0380.X64.SYS
16:42:42.0305 0x22c0 MZ0380.X64 - ok
16:42:42.0305 0x22c0 NativeWifiP - ok
16:42:42.0305 0x22c0 NcaSvc - ok
16:42:42.0321 0x22c0 NcbService - ok
16:42:42.0321 0x22c0 NcdAutoSetup - ok
16:42:42.0337 0x22c0 ndfltr - ok
16:42:42.0339 0x22c0 NDIS - ok
16:42:42.0342 0x22c0 NdisCap - ok
16:42:42.0343 0x22c0 NdisImPlatform - ok
16:42:42.0343 0x22c0 NdisTapi - ok
16:42:42.0343 0x22c0 Ndisuio - ok
16:42:42.0374 0x22c0 NdisVirtualBus - ok
16:42:42.0374 0x22c0 NdisWan - ok
16:42:42.0374 0x22c0 ndiswanlegacy - ok
16:42:42.0390 0x22c0 ndproxy - ok
16:42:42.0390 0x22c0 Ndu - ok
16:42:42.0390 0x22c0 NetAdapterCx - ok
16:42:42.0390 0x22c0 NetBIOS - ok
16:42:42.0390 0x22c0 NetBT - ok
16:42:42.0406 0x22c0 Netlogon - ok
16:42:42.0406 0x22c0 Netman - ok
16:42:42.0406 0x22c0 netprofm - ok
16:42:42.0421 0x22c0 NetSetupSvc - ok
16:42:42.0459 0x22c0 NetTcpPortSharing - ok
16:42:42.0459 0x22c0 NgcCtnrSvc - ok
16:42:42.0474 0x22c0 NgcSvc - ok
16:42:42.0474 0x22c0 NlaSvc - ok
16:42:42.0474 0x22c0 Npfs - ok
16:42:42.0474 0x22c0 npsvctrig - ok
16:42:42.0490 0x22c0 nsi - ok
16:42:42.0490 0x22c0 nsiproxy - ok
16:42:42.0521 0x22c0 NTFS - ok
16:42:42.0521 0x22c0 Null - ok
16:42:42.0543 0x22c0 [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
16:42:42.0543 0x22c0 NVHDA - ok
16:42:42.0975 0x22c0 [ DB3FFDB8FB4D08E834B54B858D50DDBE, 3D6437E72FF96BACE0EC1C19C227800E3A6A89239630D71E1D46E0B3AA6CE40C ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys
16:42:43.0207 0x22c0 nvlddmkm - ok
16:42:43.0407 0x22c0 [ 020F45E362D3B57CCC5735582BB1A6EC, E2D953CEF208528382153D06FED8394BEB52657C547E4D2D2954E537C9A382DC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:42:43.0445 0x22c0 NvNetworkService - ok
16:42:43.0492 0x22c0 nvraid - ok
16:42:43.0492 0x22c0 nvstor - ok
16:42:43.0640 0x22c0 [ F82BCEB9F57B2959F6AAE2A3DDA892A8, 5B02C74BAF0E12B84F239B1449DAA955B28BD5BA7D35D315DB57F45E042E0DB3 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:42:43.0645 0x22c0 NvStreamKms - ok
16:42:43.0809 0x22c0 [ 9209D57C1AA24841EF8D5DE6A5B2AAEB, C1A53621F5361DCE9C962A9B9B586D1904901C9EC20EFCA76C40ADCD98BEDF3C ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
16:42:43.0878 0x22c0 NvStreamNetworkSvc - ok
16:42:44.0047 0x22c0 [ 0EDF9504CA5174075BA5902AFC1F57C8, 8E210E71BA91813D3BB6B59E5F6AD0889711336AD12B1B1C67CCC882A6ED3E53 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:42:44.0094 0x22c0 NvStreamSvc - ok
16:42:44.0147 0x22c0 [ 43DB182DC821C322C9EE8E936B82D8FB, 9C8AE7F9B4A7EAA50ECBA406F6F832CC3B656FAC82274533CA6C3ED0839C4027 ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
16:42:44.0163 0x22c0 NvStUSB - ok
16:42:44.0225 0x22c0 [ 403522070F1C1020B9EB862ED989CD87, 01A63D0DA8B47DDE9D2FCF5923529FCA5ABF4154CFFA6D0E10087E3CA5477436 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
16:42:44.0263 0x22c0 nvsvc - ok
16:42:44.0295 0x22c0 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
16:42:44.0310 0x22c0 nvvad_WaveExtensible - ok
16:42:44.0343 0x22c0 OneSyncSvc - ok
16:42:44.0494 0x22c0 [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:42:44.0525 0x22c0 Origin Client Service - ok
16:42:44.0547 0x22c0 p2pimsvc - ok
16:42:44.0563 0x22c0 p2psvc - ok
16:42:44.0578 0x22c0 Parport - ok
16:42:44.0594 0x22c0 partmgr - ok
16:42:44.0594 0x22c0 PcaSvc - ok
16:42:44.0594 0x22c0 pci - ok
16:42:44.0594 0x22c0 pciide - ok
16:42:44.0594 0x22c0 pcmcia - ok
16:42:44.0609 0x22c0 pcw - ok
16:42:44.0609 0x22c0 pdc - ok
16:42:44.0625 0x22c0 PEAUTH - ok
16:42:44.0625 0x22c0 percsas2i - ok
16:42:44.0625 0x22c0 percsas3i - ok
16:42:44.0663 0x22c0 PerfHost - ok
16:42:44.0694 0x22c0 PhoneSvc - ok
16:42:44.0710 0x22c0 PimIndexMaintenanceSvc - ok
16:42:44.0744 0x22c0 pla - ok
16:42:44.0763 0x22c0 PlugPlay - ok
16:42:44.0763 0x22c0 PnkBstrA - ok
16:42:44.0778 0x22c0 PNRPAutoReg - ok
16:42:44.0778 0x22c0 PNRPsvc - ok
16:42:44.0794 0x22c0 PolicyAgent - ok
16:42:44.0809 0x22c0 Power - ok
16:42:44.0809 0x22c0 PptpMiniport - ok
16:42:44.0910 0x22c0 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:42:44.0994 0x22c0 PrintNotify - ok
16:42:45.0010 0x22c0 Processor - ok
16:42:45.0010 0x22c0 ProfSvc - ok
16:42:45.0010 0x22c0 Psched - ok
16:42:45.0010 0x22c0 QWAVE - ok
16:42:45.0010 0x22c0 QWAVEdrv - ok
16:42:45.0010 0x22c0 RasAcd - ok
16:42:45.0026 0x22c0 RasAgileVpn - ok
16:42:45.0026 0x22c0 RasAuto - ok
16:42:45.0026 0x22c0 Rasl2tp - ok
16:42:45.0026 0x22c0 RasMan - ok
16:42:45.0026 0x22c0 RasPppoe - ok
16:42:45.0026 0x22c0 RasSstp - ok
16:42:45.0095 0x22c0 [ 5332223C0D4CEC95787607906B53E861, EA1FB6373EFA303D0A69DB49D4B05BA489D1FB428E9AF948FA4FAFB94264AE4E ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
16:42:45.0110 0x22c0 Razer Game Scanner Service - ok
16:42:45.0110 0x22c0 rdbss - ok
16:42:45.0126 0x22c0 rdpbus - ok
16:42:45.0126 0x22c0 RDPDR - ok
16:42:45.0148 0x22c0 RdpVideoMiniport - ok
16:42:45.0148 0x22c0 rdyboost - ok
16:42:45.0148 0x22c0 ReFSv1 - ok
16:42:45.0164 0x22c0 RemoteAccess - ok
16:42:45.0164 0x22c0 RemoteRegistry - ok
16:42:45.0179 0x22c0 RetailDemo - ok
16:42:45.0179 0x22c0 RmSvc - ok
16:42:45.0179 0x22c0 RpcEptMapper - ok
16:42:45.0179 0x22c0 RpcLocator - ok
16:42:45.0179 0x22c0 RpcSs - ok
16:42:45.0195 0x22c0 rspndr - ok
16:42:45.0246 0x22c0 [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
16:42:45.0264 0x22c0 rt640x64 - ok
16:42:45.0326 0x22c0 [ 4A06585C8673F4458E9FBBC9DDDB4D28, D27CA2DD3187DF00C2CE3CC504C12E8055E9CA7B52268A3DE20BBC7D67F88AC5 ] RTL8187B C:\WINDOWS\System32\drivers\wg111v3.sys
16:42:45.0347 0x22c0 RTL8187B - ok
16:42:45.0395 0x22c0 [ 492BB39BCAB3EBA4B2192DCBE83B50DA, 4AEA864668D98C42CBBCA550A9A1C2F517388DA789D90F3DB6FB4D8088F3F47C ] rzp1endpt C:\WINDOWS\System32\drivers\rzp1endpt.sys
16:42:45.0395 0x22c0 rzp1endpt - ok
16:42:45.0464 0x22c0 [ 434A22267365AEF88B3AD451B65988AE, 75EFCFF52501E7E3E7B50C4D793DD55F085E378DA1C78772244AB27708409900 ] rzpmgrk C:\WINDOWS\system32\drivers\rzpmgrk.sys
16:42:45.0479 0x22c0 rzpmgrk - ok
16:42:45.0495 0x22c0 [ F8A13D4413A93DD005FAD116CBD6B6F7, 8ED0C00920CE76E832701D45117ED00B12E20588CB6FE8039FBCCDFEF9841047 ] rzpnk C:\WINDOWS\system32\drivers\rzpnk.sys
16:42:45.0510 0x22c0 rzpnk - ok
16:42:45.0526 0x22c0 [ 421497E425AFB40502013F362E4FA230, 20E2372BEE4BFB21138CA574C9806EC399DDA9D3439F3C391E34ABB2E518106D ] rzudd C:\WINDOWS\System32\drivers\rzudd.sys
16:42:45.0542 0x22c0 rzudd - ok
16:42:45.0546 0x22c0 [ 33746FD0F9FE7A809ABE0B77059C328F, 2BBAA821E352DAA091253DE80334E9C04C259408E67C86A61FF2540BD59B8D19 ] rzvmouse C:\WINDOWS\System32\drivers\rzvmouse.sys
16:42:45.0548 0x22c0 rzvmouse - ok
16:42:45.0548 0x22c0 s3cap - ok
16:42:45.0564 0x22c0 SamSs - ok
16:42:45.0595 0x22c0 sbp2port - ok
16:42:45.0595 0x22c0 SCardSvr - ok
16:42:45.0628 0x22c0 ScDeviceEnum - ok
16:42:45.0636 0x22c0 scfilter - ok
16:42:45.0645 0x22c0 Schedule - ok
16:42:45.0652 0x22c0 scmbus - ok
16:42:45.0666 0x22c0 scmdisk0101 - ok
16:42:45.0688 0x22c0 SCPolicySvc - ok
16:42:45.0707 0x22c0 [ 0447065A6E10774EFCECFDD0EB970A79, 384A9AC72E756F96D43EE4B144A466564476AFD8778092C979116BB29A514433 ] ScpVBus C:\WINDOWS\System32\drivers\ScpVBus.sys
16:42:45.0723 0x22c0 ScpVBus - ok
16:42:45.0723 0x22c0 sdbus - ok
16:42:45.0738 0x22c0 SDRSVC - ok
16:42:45.0742 0x22c0 sdstor - ok
16:42:45.0748 0x22c0 seclogon - ok
16:42:45.0748 0x22c0 SENS - ok
16:42:45.0779 0x22c0 SensorDataService - ok
16:42:45.0779 0x22c0 SensorService - ok
16:42:45.0779 0x22c0 SensrSvc - ok
16:42:45.0779 0x22c0 SerCx - ok
16:42:45.0795 0x22c0 SerCx2 - ok
16:42:45.0795 0x22c0 Serenum - ok
16:42:45.0795 0x22c0 Serial - ok
16:42:45.0795 0x22c0 sermouse - ok
16:42:45.0810 0x22c0 SessionEnv - ok
16:42:45.0810 0x22c0 sfloppy - ok
16:42:45.0848 0x22c0 SharedAccess - ok
16:42:45.0848 0x22c0 ShellHWDetection - ok
16:42:45.0879 0x22c0 shpamsvc - ok
16:42:45.0879 0x22c0 SiSRaid2 - ok
16:42:45.0895 0x22c0 SiSRaid4 - ok
16:42:45.0948 0x22c0 [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:42:45.0964 0x22c0 SkypeUpdate - ok
16:42:45.0964 0x22c0 smphost - ok
16:42:45.0979 0x22c0 SmsRouter - ok
16:42:45.0995 0x22c0 SNMPTRAP - ok
16:42:45.0995 0x22c0 spaceport - ok
16:42:45.0995 0x22c0 SpbCx - ok
16:42:45.0995 0x22c0 Spooler - ok
16:42:46.0010 0x22c0 sppsvc - ok
16:42:46.0010 0x22c0 srv - ok
16:42:46.0010 0x22c0 srv2 - ok
16:42:46.0026 0x22c0 srvnet - ok
16:42:46.0044 0x22c0 SSDPSRV - ok
16:42:46.0048 0x22c0 SstpSvc - ok
16:42:46.0063 0x22c0 [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:42:46.0079 0x22c0 ssudmdm - ok
16:42:46.0079 0x22c0 StateRepository - ok
16:42:46.0164 0x22c0 [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:42:46.0195 0x22c0 Steam Client Service - ok
16:42:46.0279 0x22c0 [ 8AD39F3C6C0ACD29D875905C5F20E6DA, 414053EFA8F4730F5ABB25C5ECA10695A04087471754A22F6B25EED9955A3B09 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
16:42:46.0295 0x22c0 Stereo Service - ok
16:42:46.0295 0x22c0 stexstor - ok
16:42:46.0311 0x22c0 stisvc - ok
16:42:46.0311 0x22c0 storahci - ok
16:42:46.0311 0x22c0 storflt - ok
16:42:46.0326 0x22c0 stornvme - ok
16:42:46.0326 0x22c0 storqosflt - ok
16:42:46.0348 0x22c0 StorSvc - ok
16:42:46.0348 0x22c0 storufs - ok
16:42:46.0348 0x22c0 storvsc - ok
16:42:46.0348 0x22c0 svsvc - ok
16:42:46.0348 0x22c0 swenum - ok
16:42:46.0348 0x22c0 swprv - ok
16:42:46.0379 0x22c0 Synth3dVsc - ok
16:42:46.0379 0x22c0 SysMain - ok
16:42:46.0379 0x22c0 SystemEventsBroker - ok
16:42:46.0395 0x22c0 TabletInputService - ok
16:42:46.0395 0x22c0 TapiSrv - ok
16:42:46.0410 0x22c0 Tcpip - ok
16:42:46.0410 0x22c0 Tcpip6 - ok
16:42:46.0410 0x22c0 tcpipreg - ok
16:42:46.0410 0x22c0 tdx - ok
16:42:46.0410 0x22c0 terminpt - ok
16:42:46.0426 0x22c0 TermService - ok
16:42:46.0443 0x22c0 Themes - ok
16:42:46.0448 0x22c0 TieringEngineService - ok
16:42:46.0448 0x22c0 tiledatamodelsvc - ok
16:42:46.0448 0x22c0 TimeBrokerSvc - ok
16:42:46.0448 0x22c0 TPM - ok
16:42:46.0463 0x22c0 TrkWks - ok
16:42:46.0479 0x22c0 TrustedInstaller - ok
16:42:46.0479 0x22c0 tsusbflt - ok
16:42:46.0495 0x22c0 TsUsbGD - ok
16:42:46.0495 0x22c0 tunnel - ok
16:42:46.0510 0x22c0 tzautoupdate - ok
16:42:46.0510 0x22c0 UASPStor - ok
16:42:46.0510 0x22c0 UcmCx0101 - ok
16:42:46.0510 0x22c0 UcmTcpciCx0101 - ok
16:42:46.0510 0x22c0 UcmUcsi - ok
16:42:46.0510 0x22c0 Ucx01000 - ok
16:42:46.0510 0x22c0 UdeCx - ok
16:42:46.0526 0x22c0 udfs - ok
16:42:46.0526 0x22c0 UEFI - ok
16:42:46.0526 0x22c0 Ufx01000 - ok
16:42:46.0526 0x22c0 UfxChipidea - ok
16:42:46.0526 0x22c0 ufxsynopsys - ok
16:42:46.0543 0x22c0 UI0Detect - ok
16:42:46.0546 0x22c0 umbus - ok
16:42:46.0548 0x22c0 UmPass - ok
16:42:46.0548 0x22c0 UmRdpService - ok
16:42:46.0548 0x22c0 UnistoreSvc - ok
16:42:46.0579 0x22c0 upnphost - ok
16:42:46.0579 0x22c0 UrsChipidea - ok
16:42:46.0579 0x22c0 UrsCx01000 - ok
16:42:46.0595 0x22c0 UrsSynopsys - ok
16:42:46.0611 0x22c0 usbaudio - ok
16:42:46.0611 0x22c0 usbccgp - ok
16:42:46.0611 0x22c0 usbcir - ok
16:42:46.0611 0x22c0 usbehci - ok
16:42:46.0611 0x22c0 usbhub - ok
16:42:46.0611 0x22c0 USBHUB3 - ok
16:42:46.0626 0x22c0 usbohci - ok
16:42:46.0626 0x22c0 usbprint - ok
16:42:46.0626 0x22c0 usbser - ok
16:42:46.0626 0x22c0 USBSTOR - ok
16:42:46.0626 0x22c0 usbuhci - ok
16:42:46.0626 0x22c0 USBXHCI - ok
16:42:46.0643 0x22c0 UserDataSvc - ok
16:42:46.0647 0x22c0 UserManager - ok
16:42:46.0648 0x22c0 UsoSvc - ok
16:42:46.0664 0x22c0 VaultSvc - ok
16:42:46.0664 0x22c0 vdrvroot - ok
16:42:46.0664 0x22c0 vds - ok
16:42:46.0664 0x22c0 VerifierExt - ok
16:42:46.0664 0x22c0 vhdmp - ok
16:42:46.0664 0x22c0 vhf - ok
16:42:46.0664 0x22c0 vmbus - ok
16:42:46.0680 0x22c0 VMBusHID - ok
16:42:46.0680 0x22c0 vmgid - ok
16:42:46.0695 0x22c0 vmicguestinterface - ok
16:42:46.0695 0x22c0 vmicheartbeat - ok
16:42:46.0695 0x22c0 vmickvpexchange - ok
16:42:46.0695 0x22c0 vmicrdv - ok
16:42:46.0695 0x22c0 vmicshutdown - ok
16:42:46.0695 0x22c0 vmictimesync - ok
16:42:46.0695 0x22c0 vmicvmsession - ok
16:42:46.0711 0x22c0 vmicvss - ok
16:42:46.0711 0x22c0 volmgr - ok
16:42:46.0711 0x22c0 volmgrx - ok
16:42:46.0711 0x22c0 volsnap - ok
16:42:46.0711 0x22c0 volume - ok
16:42:46.0711 0x22c0 vpci - ok
16:42:46.0726 0x22c0 vsmraid - ok
16:42:46.0726 0x22c0 VSS - ok
16:42:46.0726 0x22c0 VSTXRAID - ok
16:42:46.0726 0x22c0 vwifibus - ok
16:42:46.0726 0x22c0 vwififlt - ok
16:42:46.0726 0x22c0 W32Time - ok
16:42:46.0744 0x22c0 WacomPen - ok
16:42:46.0747 0x22c0 WalletService - ok
16:42:46.0748 0x22c0 wanarp - ok
16:42:46.0748 0x22c0 wanarpv6 - ok
16:42:46.0748 0x22c0 wbengine - ok
16:42:46.0748 0x22c0 WbioSrvc - ok
16:42:46.0748 0x22c0 wcifs - ok
16:42:46.0748 0x22c0 Wcmsvc - ok
16:42:46.0764 0x22c0 wcncsvc - ok
16:42:46.0764 0x22c0 wcnfs - ok
16:42:46.0764 0x22c0 WdBoot - ok
16:42:46.0764 0x22c0 Wdf01000 - ok
16:42:46.0764 0x22c0 WdFilter - ok
16:42:46.0764 0x22c0 WdiServiceHost - ok
16:42:46.0764 0x22c0 WdiSystemHost - ok
16:42:46.0779 0x22c0 wdiwifi - ok
16:42:46.0779 0x22c0 WdNisDrv - ok
16:42:46.0795 0x22c0 WdNisSvc - ok
16:42:46.0795 0x22c0 WebClient - ok
16:42:46.0811 0x22c0 Wecsvc - ok
16:42:46.0811 0x22c0 WEPHOSTSVC - ok
16:42:46.0811 0x22c0 wercplsupport - ok
16:42:46.0811 0x22c0 WerSvc - ok
16:42:46.0811 0x22c0 WFPLWFS - ok
16:42:46.0811 0x22c0 WiaRpc - ok
16:42:46.0826 0x22c0 WIMMount - ok
16:42:46.0826 0x22c0 WinDefend - ok
16:42:46.0826 0x22c0 WindowsTrustedRT - ok
16:42:46.0826 0x22c0 WindowsTrustedRTProxy - ok
16:42:46.0826 0x22c0 WinHttpAutoProxySvc - ok
16:42:46.0826 0x22c0 WinMad - ok
16:42:46.0864 0x22c0 Winmgmt - ok
16:42:46.0864 0x22c0 WinRM - ok
16:42:46.0879 0x22c0 WINUSB - ok
16:42:46.0879 0x22c0 WinVerbs - ok
16:42:46.0895 0x22c0 wisvc - ok
16:42:46.0910 0x22c0 WlanSvc - ok
16:42:46.0910 0x22c0 wlidsvc - ok
16:42:46.0926 0x22c0 WmiAcpi - ok
16:42:46.0926 0x22c0 wmiApSrv - ok
16:42:46.0944 0x22c0 WMPNetworkSvc - ok
16:42:46.0947 0x22c0 Wof - ok
16:42:46.0949 0x22c0 workfolderssvc - ok
16:42:46.0949 0x22c0 WPDBusEnum - ok
16:42:46.0949 0x22c0 WpdUpFltr - ok
16:42:46.0949 0x22c0 WpnService - ok
16:42:46.0949 0x22c0 WpnUserService - ok
16:42:46.0964 0x22c0 ws2ifsl - ok
16:42:46.0964 0x22c0 wscsvc - ok
16:42:46.0964 0x22c0 WSearch - ok
16:42:46.0980 0x22c0 wuauserv - ok
16:42:46.0980 0x22c0 WudfPf - ok
16:42:46.0980 0x22c0 WUDFRd - ok
16:42:46.0980 0x22c0 wudfsvc - ok
16:42:46.0980 0x22c0 WUDFWpdFs - ok
16:42:46.0980 0x22c0 WUDFWpdMtp - ok
16:42:46.0995 0x22c0 WwanSvc - ok
16:42:47.0011 0x22c0 XblAuthManager - ok
16:42:47.0027 0x22c0 XblGameSave - ok
16:42:47.0027 0x22c0 xboxgip - ok
16:42:47.0027 0x22c0 XboxNetApiSvc - ok
16:42:47.0048 0x22c0 xinputhid - ok
16:42:47.0064 0x22c0 [ 377F3E3467A8BFA3CDC921AD6425D513, 699271DA1D63E90FE1F9FE8AF3A8789CA588A0B7A2AFF5899EBA443361E041A5 ] XSplit_Dummy C:\WINDOWS\system32\drivers\xspltspk.sys
16:42:47.0079 0x22c0 XSplit_Dummy - ok
16:42:47.0079 0x22c0 xusb22 - ok
16:42:47.0079 0x22c0 ================ Scan global ===============================
16:42:47.0111 0x22c0 [ Global ] - ok
16:42:47.0111 0x22c0 ================ Scan MBR ==================================
16:42:47.0138 0x22c0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:42:47.0248 0x22c0 \Device\Harddisk0\DR0 - ok
16:42:47.0248 0x22c0 ================ Scan VBR ==================================
16:42:47.0280 0x22c0 [ 050BD3B5D0DAA65A3A31B0F042E81CC5 ] \Device\Harddisk0\DR0\Partition1
16:42:47.0280 0x22c0 \Device\Harddisk0\DR0\Partition1 - ok
16:42:47.0280 0x22c0 [ 6D899654D21C13E5AD759F706C83BD4A ] \Device\Harddisk0\DR0\Partition2
16:42:47.0280 0x22c0 \Device\Harddisk0\DR0\Partition2 - ok
16:42:47.0295 0x22c0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:42:47.0295 0x22c0 \Device\Harddisk0\DR0\Partition3 - ok
16:42:47.0295 0x22c0 [ 3FF999977C9161A05E7F4A2AEC850915 ] \Device\Harddisk0\DR0\Partition4
16:42:47.0311 0x22c0 \Device\Harddisk0\DR0\Partition4 - ok
16:42:47.0327 0x22c0 [ AF93176CB13AE242B3C55A57E8E15A7F ] \Device\Harddisk0\DR0\Partition5
16:42:47.0343 0x22c0 \Device\Harddisk0\DR0\Partition5 - ok
16:42:47.0343 0x22c0 ================ Scan generic autorun ======================
16:42:47.0527 0x22c0 [ 1F8CF6262B750DFE1118D22918589426, 6C7600B463EBB711E3CB41CFE48EBC5E41E20EF5F822A460DEA299CB43B07BC2 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:42:47.0697 0x22c0 RTHDVCPL - ok
16:42:47.0797 0x22c0 [ 94A8196066774252DF015EEDF02CCA44, AD2DFDA427E3CCB5C8404F0AFAFE71C64B862D2E26A67E1BFC2B40738FD0B873 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:42:47.0866 0x22c0 NvBackend - ok
16:42:47.0866 0x22c0 ShadowPlay - ok
16:42:47.0949 0x22c0 [ 025A50380F3C8FAA5B4F8DCF55B32957, 2FD37B7C38788703F455E88FCE56E87E8B3EA392156A9572300C46704733F5F6 ] C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
16:42:47.0997 0x22c0 Elgato Sound Capture - detected UnsignedFile.Multi.Generic ( 1 )
16:42:49.0302 0x22c0 Detect skipped due to KSN trusted
16:42:49.0302 0x22c0 Elgato Sound Capture - ok
16:42:49.0302 0x22c0 WindowsDefender - ok
16:42:49.0361 0x22c0 OneDriveSetup - ok
16:42:49.0363 0x22c0 OneDriveSetup - ok
16:42:49.0514 0x22c0 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Ljay\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:42:49.0533 0x22c0 OneDrive - ok
16:42:49.0644 0x22c0 [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Program Files (x86)\Steam\steam.exe
16:42:49.0691 0x22c0 Steam - ok
16:42:49.0824 0x22c0 [ 49610A409DFAE252AE6A07E400013178, 4191C5BF1BF0E029F58F71BC9B06C1A817FA6250EC6F33C6C680EDE4A2B47F19 ] C:\Users\Ljay\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:42:49.0858 0x22c0 Spotify Web Helper - ok
16:42:49.0905 0x22c0 Discord - ok
16:42:50.0445 0x22c0 [ 0059835DB6B06F934CA19A5F8362DA52, 41CB64CCB6032E79FAF5D5AA32703FB492AB117791C36979ECDA62D0498DBB86 ] C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
16:42:51.0042 0x22c0 Bloody2 - detected UnsignedFile.Multi.Generic ( 1 )
16:42:52.0786 0x22c0 Bloody2 ( UnsignedFile.Multi.Generic ) - warning
16:42:53.0964 0x22c0 Speech Recognition - ok
16:42:54.0066 0x22c0 [ 37FEA424D9C9FC98D8098F0571087504, 10D420D1660234161980098EDB0AF4C83CB062866B738A77720B676E309A191F ] C:\Program Files\EslWire\wire.exe
16:42:54.0182 0x22c0 ESL Wire - detected UnsignedFile.Multi.Generic ( 1 )
16:42:55.0287 0x22c0 Detect skipped due to KSN trusted
16:42:55.0287 0x22c0 ESL Wire - ok
16:42:55.0302 0x22c0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
16:42:55.0302 0x22c0 Win FW state via NFP2: enabled ( trusted )
16:42:56.0544 0x22c0 ============================================================
16:42:56.0544 0x22c0 Scan finished
16:42:56.0544 0x22c0 ============================================================
16:42:56.0551 0x2250 Detected object count: 1
16:42:56.0551 0x2250 Actual detected object count: 1
16:43:33.0230 0x2250 Bloody2 ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:33.0230 0x2250 Bloody2 ( UnsignedFile.Multi.Generic ) - User select action: Skip |