Unauthorized access to Skype account

22.03.2017, 23:03
Member

Posts: 15
#1 Hello,

Acquaintances of mine have received links to websites via my Skype account that I did not send. The cause could of course be that my account was simply "hacked". However, I want to make sure that my system is clean.

ESET NOD32 Antivirus 9 did not report anything unusual during a system scan.

OTL.txt:

OTL logfile created on: 22.03.2017 22:35:51 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hans\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

15,85 Gb Total Physical Memory | 11,81 Gb Available Physical Memory | 74,48% Memory free
18,23 Gb Paging File | 14,38 Gb Available in Paging File | 78,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,12 Gb Total Space | 124,69 Gb Free Space | 53,72% Space Free | Partition Type: NTFS
Drive D: | 229,46 Gb Total Space | 209,29 Gb Free Space | 91,21% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-VPUTASI | User Name: Hans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2017.03.22 22:25:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hans\Desktop\OTL.exe
PRC - [2017.01.10 14:59:28 | 000,125,808 | ---- | M] () -- C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe
PRC - [2016.12.21 10:23:18 | 000,130,936 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
PRC - [2016.11.23 18:43:00 | 002,770,312 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2016.11.04 14:57:18 | 000,596,640 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2016.10.18 08:24:54 | 000,069,744 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
PRC - [2016.09.25 00:21:05 | 000,189,264 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
PRC - [2016.07.16 12:42:56 | 000,416,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2016.07.01 07:39:40 | 001,295,376 | ---- | M] (Autodesk Inc.) -- C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
PRC - [2016.05.10 00:23:45 | 000,424,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2016.05.02 07:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016.05.02 06:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016.01.22 01:49:06 | 000,228,216 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpService.exe
PRC - [2016.01.22 01:47:44 | 000,689,016 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpTray.exe
PRC - [2015.09.05 04:34:50 | 000,415,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2015.09.05 04:33:16 | 000,207,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2015.07.22 18:49:08 | 000,322,472 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2015.07.22 18:49:06 | 000,018,856 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2015.05.19 17:11:00 | 000,335,872 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe


========== Modules (No Company Name) ==========

MOD - [2017.03.16 22:49:37 | 000,391,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\644006124f267e54cf6760ac688fbf3e\System.Xml.Linq.ni.dll
MOD - [2017.03.16 22:49:36 | 007,456,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\cfff018936a7c6348cb7ea98d432343a\System.Xml.ni.dll
MOD - [2017.03.16 22:49:33 | 001,878,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\1b30fcb579bbaad955474f384a20d978\System.Xaml.ni.dll
MOD - [2017.03.16 22:49:32 | 002,804,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d5101c374cd436c6638bd68d3e681438\System.Runtime.Serialization.ni.dll
MOD - [2017.03.16 22:49:30 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\69bc7c6c084baf2d2ffd6871c726e266\System.Configuration.ni.dll
MOD - [2017.03.16 22:49:30 | 000,529,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\3c7b6f1459cd44f3f3f9b59e5121a867\PresentationFramework.Aero2.ni.dll
MOD - [2017.03.16 22:49:29 | 019,470,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5fa817daff10898645f2a4f4514bee62\PresentationFramework.ni.dll
MOD - [2017.03.16 22:49:21 | 011,620,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\0e3670b79a0d3cf62dffca3403010d44\PresentationCore.ni.dll
MOD - [2017.03.16 22:49:16 | 004,063,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\b87bf6675b253eeea9d7a1af759d1d9b\WindowsBase.ni.dll
MOD - [2017.03.16 22:49:14 | 007,464,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\561bcb2835dc3d4de610397aebd07edc\System.Core.ni.dll
MOD - [2017.03.16 22:49:11 | 010,266,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6d712bf5f07ce74d9e2d31a443dea9c2\System.ni.dll
MOD - [2017.01.24 03:27:50 | 019,611,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\f06d35cdb58e63c8a25f1658f23fd20d\mscorlib.ni.dll
MOD - [2016.11.18 11:41:40 | 000,143,824 | ---- | M] () -- C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
MOD - [2016.05.02 07:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll


========== Services (SafeList) ==========

SRV:64bit: - [2017.03.04 08:20:35 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2017.03.04 08:18:48 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2017.03.04 08:08:02 | 000,103,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2017.03.04 07:33:28 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2017.03.04 07:30:52 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2017.03.04 07:29:39 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2017.03.04 07:29:21 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2017.03.04 07:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2017.03.04 07:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2017.03.04 07:26:42 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2017.03.04 07:25:51 | 001,016,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2017.03.04 07:25:25 | 000,548,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2017.03.04 07:24:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2017.03.04 07:24:03 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2017.03.04 07:23:43 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2017.03.04 07:23:18 | 000,715,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2017.03.04 07:23:17 | 000,330,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2017.03.04 07:20:10 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2017.03.04 07:15:29 | 001,837,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2017.03.04 07:12:58 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2017.03.04 07:11:38 | 002,278,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2017.03.04 07:11:22 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2017.03.04 07:10:23 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2017.03.04 07:08:22 | 001,981,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2017.03.04 07:07:14 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2017.01.11 14:34:00 | 000,097,616 | ---- | M] (Dell) [Auto | Running] -- C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe -- (Dell Foundation Services)
SRV:64bit: - [2016.12.14 05:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2016.12.14 05:23:43 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2016.11.23 18:43:00 | 002,770,312 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV:64bit: - [2016.11.11 10:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2016.11.11 10:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2016.11.11 10:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2016.11.11 10:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2016.11.11 10:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2016.11.11 10:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2016.11.02 11:22:02 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016.11.02 11:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016.10.05 10:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2016.10.04 05:24:29 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2016.10.04 05:24:25 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2016.10.04 05:24:25 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016.10.04 05:24:25 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2016.10.04 05:24:23 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016.10.04 05:24:23 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2016.10.04 05:24:21 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2016.10.04 05:24:20 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2016.09.22 17:15:00 | 000,080,208 | ---- | M] (Dell) [Auto | Running] -- C:\Program Files\Dell\Dell Product Registration\PRSvc.exe -- (Product Registration)
SRV:64bit: - [2016.07.25 21:43:55 | 001,591,264 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2016.07.16 12:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2016.07.16 12:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2016.07.16 12:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2016.07.16 12:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2016.07.16 12:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2016.07.16 12:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2016.07.16 12:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2016.07.16 12:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2016.07.16 12:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2016.07.16 12:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016.07.16 12:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2016.07.16 12:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_6b3051)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_6b3051)
SRV:64bit: - [2016.07.16 12:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2016.07.16 12:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2016.07.16 12:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2016.07.16 12:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2016.07.16 12:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2016.07.16 12:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016.07.16 12:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2016.07.16 12:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2016.07.16 12:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2016.07.16 12:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016.07.16 12:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016.07.16 12:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2016.07.16 12:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2016.07.16 12:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016.07.16 12:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2016.07.16 12:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2016.07.16 12:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2016.06.23 16:23:11 | 000,202,488 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe -- (DellDataVaultWiz)
SRV:64bit: - [2016.06.23 16:22:36 | 002,572,024 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault)
SRV:64bit: - [2016.06.07 11:41:40 | 000,431,088 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:64bit: - [2016.06.07 11:41:38 | 000,356,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:64bit: - [2016.05.25 10:00:52 | 000,312,576 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2016.05.02 06:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016.05.02 06:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016.05.02 06:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016.03.30 21:09:56 | 002,288,384 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2015.12.22 16:22:46 | 000,613,296 | R--- | M] (Waves Audio Ltd.) [Auto | Running] -- C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe -- (WavesSysSvc)
SRV:64bit: - [2015.08.21 01:47:44 | 000,980,224 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2015.07.22 18:49:06 | 000,018,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2015.05.22 09:24:00 | 000,881,152 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2017.03.19 21:17:47 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.03.04 08:20:35 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017.03.04 07:21:34 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017.03.04 07:16:20 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2017.03.04 06:36:58 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017.01.19 02:30:28 | 001,464,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2017.01.10 14:59:28 | 000,125,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe -- (DellDockUpdate)
SRV - [2017.01.06 14:56:57 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2016.12.21 10:23:18 | 000,130,936 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Customer Connect\DCCService.exe -- (Dell Customer Connect)
SRV - [2016.11.11 08:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016.10.18 08:24:54 | 000,069,744 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe -- (Razer Chroma SDK Service)
SRV - [2016.10.04 05:24:20 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016.09.25 00:21:05 | 000,189,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
SRV - [2016.09.09 12:11:50 | 000,031,704 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV - [2016.07.01 07:39:40 | 001,295,376 | ---- | M] (Autodesk Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe -- (AdAppMgrSvc)
SRV - [2016.06.07 11:41:40 | 000,284,144 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016.05.10 00:23:45 | 000,424,384 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2016.05.02 06:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016.01.22 01:49:06 | 000,228,216 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate)
SRV - [2015.11.05 01:26:24 | 001,831,064 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe -- (ThunderboltService)
SRV - [2015.10.30 12:32:10 | 001,392,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\esif_uf.exe -- (esifsvc)
SRV - [2015.09.05 04:34:50 | 000,415,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2015.09.05 04:33:16 | 000,207,648 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2015.06.24 00:26:44 | 000,238,320 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2015.05.19 17:11:04 | 000,007,680 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe -- (isaHelperSvc)
SRV - [2015.05.19 17:11:00 | 000,335,872 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe -- (Intel(R)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2017.03.04 08:24:27 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2017.03.04 08:15:25 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2017.03.04 08:08:59 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2017.03.04 08:07:55 | 000,557,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2017.03.04 07:34:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2017.03.04 07:27:56 | 000,719,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2017.02.11 16:27:12 | 000,037,912 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901_openvpn_accl.sys -- (tap0901_openvpn_accl)
DRV:64bit: - [2016.12.09 11:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2016.11.23 18:43:00 | 000,262,792 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2016.11.23 18:43:00 | 000,197,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2016.11.23 18:43:00 | 000,181,384 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2016.11.11 11:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2016.11.02 11:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2016.10.15 04:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2016.10.09 11:03:22 | 000,015,488 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\eelam.sys -- (eelam)
DRV:64bit: - [2016.10.05 11:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016.10.05 11:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2016.10.04 05:24:21 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2016.10.04 05:24:21 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2016.10.04 05:24:20 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2016.10.04 05:24:20 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2016.10.04 05:24:20 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2016.10.04 05:24:20 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016.10.04 05:15:35 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2016.09.17 02:12:20 | 000,044,144 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk)
DRV:64bit: - [2016.09.12 20:15:22 | 013,754,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2016.09.10 14:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016.09.07 22:27:07 | 000,137,840 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpnk.sys -- (rzpnk)
DRV:64bit: - [2016.08.17 22:57:16 | 000,204,304 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2016.08.17 22:57:16 | 000,051,736 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2016.07.16 15:27:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2016.07.16 15:27:05 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2016.07.16 12:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2016.07.16 12:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2016.07.16 12:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2016.07.16 12:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2016.07.16 12:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2016.07.16 12:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2016.07.16 12:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2016.07.16 12:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2016.07.16 12:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2016.07.16 12:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2016.07.16 12:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2016.07.16 12:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016.07.16 12:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2016.07.16 12:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2016.07.16 12:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2016.07.16 12:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2016.07.16 12:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2016.07.16 12:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2016.07.16 12:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2016.07.16 12:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2016.07.16 12:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2016.07.16 12:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2016.07.16 12:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2016.07.16 12:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2016.07.16 12:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2016.07.16 12:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2016.07.16 12:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2016.07.16 12:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2016.07.16 12:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2016.07.16 12:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2016.07.16 12:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2016.07.16 12:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:64bit: - [2016.07.16 12:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2016.07.16 12:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2016.07.16 12:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2016.07.16 12:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2016.07.16 12:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2016.07.16 12:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2016.07.16 12:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2016.07.16 12:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2016.07.16 12:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016.07.16 12:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016.07.16 12:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2016.07.16 12:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2016.07.16 12:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016.07.16 12:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2016.07.16 12:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2016.07.16 12:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2016.07.16 12:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2016.07.16 12:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2016.07.16 12:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2016.07.16 12:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2016.07.16 12:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2016.07.16 12:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2016.07.16 12:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2016.07.16 12:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2016.07.16 12:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2016.07.16 12:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2016.07.16 12:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2016.07.16 12:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2016.07.16 12:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2016.07.16 12:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2016.07.16 12:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2016.07.16 12:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2016.07.16 12:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2016.07.16 12:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2016.07.16 12:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:64bit: - [2016.07.16 12:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2016.07.16 12:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2016.07.16 12:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2016.07.16 12:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2016.07.16 12:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2016.07.16 12:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2016.07.16 12:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2016.07.16 12:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2016.07.16 12:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2016.07.16 12:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2016.07.16 12:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2016.07.16 12:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2016.07.16 12:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2016.07.16 12:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2016.07.16 12:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2016.07.16 12:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2016.07.16 12:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2016.07.16 12:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2016.07.16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2016.07.16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2016.07.16 12:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2016.07.16 12:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2016.07.16 12:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2016.07.16 12:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2016.07.16 12:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2016.07.16 12:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2016.07.16 12:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2016.07.16 12:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2016.07.16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2016.07.16 12:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2016.07.16 12:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2016.07.16 12:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2016.07.16 12:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2016.07.16 12:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2016.06.07 11:41:28 | 007,938,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2016.06.07 11:41:12 | 000,787,424 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2016.05.02 06:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016.04.14 06:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016.03.30 21:09:56 | 000,239,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2016.03.30 21:09:56 | 000,226,080 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2016.03.30 21:09:56 | 000,220,448 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2016.03.30 21:09:56 | 000,208,192 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2016.03.30 21:09:56 | 000,048,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2016.03.30 21:09:56 | 000,047,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2016.03.03 10:11:16 | 001,063,736 | ---- | M] (Broadcom Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmpciedhd63.sys -- (BCMPCIEDHD63)
DRV:64bit: - [2016.01.05 22:47:00 | 000,032,464 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys -- (DDDriver)
DRV:64bit: - [2016.01.05 22:47:00 | 000,024,240 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf)
DRV:64bit: - [2015.11.05 15:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2015.10.30 12:32:08 | 000,260,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\esif_lf.sys -- (esif_lf)
DRV:64bit: - [2015.10.30 12:31:42 | 000,055,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dptf_acpi.sys -- (dptf_acpi)
DRV:64bit: - [2015.10.30 12:31:42 | 000,052,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dptf_cpu.sys -- (dptf_cpu)
DRV:64bit: - [2015.09.21 20:55:32 | 000,054,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HidEventFilter.sys -- (HidEventFilter)
DRV:64bit: - [2015.09.01 06:50:26 | 000,185,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015.07.25 01:30:14 | 001,455,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2015.06.24 22:07:40 | 000,752,856 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2015.06.24 22:07:40 | 000,402,136 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV - [2016.09.12 20:15:22 | 013,754,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys -- (nvlddmkm)
DRV - [2016.07.16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {02C36AED-C143-40DB-86FD-6E3AF777B25D}
IE:64bit: - HKLM\..\SearchScopes\{02C36AED-C143-40DB-86FD-6E3AF777B25D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {02C36AED-C143-40DB-86FD-6E3AF777B25D}
IE - HKLM\..\SearchScopes\{02C36AED-C143-40DB-86FD-6E3AF777B25D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell15.msn.com/?pc=DCTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell15.msn.com/?pc=DCTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = BB 82 96 50 82 91 D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {02C36AED-C143-40DB-86FD-6E3AF777B25D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:5.2.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016.12.31 09:01:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\Extensions
[2016.12.31 09:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\Firefox\Profiles\zo0gy059.default\browser-extension-data
[2016.12.31 09:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\Firefox\Profiles\zo0gy059.default\browser-extension-data\jid1-MnnxcxisBPnSXQ@jetpack
[2017.03.22 21:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\Firefox\Profiles\zo0gy059.default\extension-data
[2017.03.13 22:57:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\Firefox\Profiles\zo0gy059.default\extensions
[2017.03.02 06:55:15 | 002,805,273 | ---- | M] () (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\firefox\profiles\zo0gy059.default\extensions\https-everywhere@eff.org.xpi
[2017.01.26 22:32:39 | 001,804,214 | ---- | M] () (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\firefox\profiles\zo0gy059.default\extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi
[2017.03.13 22:57:10 | 001,550,052 | ---- | M] () (No name found) -- C:\Users\Hans\AppData\Roaming\mozilla\firefox\profiles\zo0gy059.default\extensions\uBlock0@raymondhill.net.xpi
[2017.03.19 21:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.2_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm\1.11.4_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2017.3.17_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\7.1.3.1_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_0\
CHR - Extension: No name found = C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp\2017.1.26_0\

O1 HOSTS File: ([2017.01.06 10:04:21 | 000,002,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 vortex.data.microsoft.com
O1 - Hosts: 0.0.0.0 vortex-win.data.microsoft.com
O1 - Hosts: 0.0.0.0 telecommand.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 oca.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 sqm.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 watson.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 redir.metaservices.microsoft.com
O1 - Hosts: 0.0.0.0 choice.microsoft.com
O1 - Hosts: 0.0.0.0 choice.microsoft.com.nsatc.net
O1 - Hosts: 0.0.0.0 wes.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 services.wes.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 sqm.df.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 watson.ppe.telemetry.microsoft.com
O1 - Hosts: 0.0.0.0 telemetry.appex.bing.net
O1 - Hosts: 0.0.0.0 telemetry.urs.microsoft.com
O1 - Hosts: 0.0.0.0 telemetry.appex.bing.net:443
O1 - Hosts: 0.0.0.0 settings-sandbox.data.microsoft.com
O1 - Hosts: 0.0.0.0 survey.watson.microsoft.com
O1 - Hosts: 0.0.0.0 watson.live.com
O1 - Hosts: 0.0.0.0 watson.microsoft.com
O1 - Hosts: 0.0.0.0 statsfe2.ws.microsoft.com
O1 - Hosts: 32 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_MAXX6] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [WavesSvc] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Audio Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Autodesk Desktop App] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Hans\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [OneDrive] C:\Users\Hans\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] D:\Games\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.96.12 81.210.129.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43657829-33e9-4b2a-a352-308806564fe5}: DhcpNameServer = 80.69.96.12 81.210.129.4
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016.07.25 21:16:58 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:64bit: {31699572-6286-3C1C-A03C-511D59181038} - .NET Framework
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {71A5A636-652F-3BE0-BC14-02545E9F5EC7} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C95A083A-F1F4-5636-62A1-B95C521DA3FD} - Microsoft Windows
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:64bit: shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:64bit: WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:64bit: DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
NetSvcs:64bit: RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:64bit: wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017.03.22 22:25:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hans\Desktop\OTL.exe
[2017.03.22 22:23:15 | 000,000,000 | ---D | C] -- C:\Users\Hans\Doctor Web
[2017.03.21 19:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.03.18 20:11:33 | 000,000,000 | ---D | C] -- C:\Users\Hans\Desktop\Hochzeit
[2017.03.18 13:02:52 | 000,000,000 | ---D | C] -- C:\Users\Hans\Documents\AdobeStockPhotos
[2017.03.15 22:10:28 | 000,000,000 | ---D | C] -- C:\Users\Hans\AppData\Roaming\Mist
[2017.03.15 21:51:24 | 000,000,000 | ---D | C] -- C:\Users\Hans\AppData\Roaming\Ethereum
[2017.03.15 21:51:14 | 000,000,000 | ---D | C] -- C:\Users\Hans\AppData\Roaming\Ethereum Wallet
[2017.03.07 20:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Dock Update
[2017.03.07 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\beabe6c6-8313-4bb0-99cd-d8de649273c1
[2017.02.23 23:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2017.02.23 23:26:05 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017.03.22 22:25:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hans\Desktop\OTL.exe
[2017.03.22 19:48:12 | 002,770,684 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.03.22 19:48:12 | 001,127,982 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2017.03.22 19:48:12 | 000,993,222 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.03.22 19:48:12 | 000,343,542 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.03.22 19:48:12 | 000,281,488 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2017.03.22 19:43:47 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017.03.22 19:34:10 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.03.22 18:32:02 | 769,575,300 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2017.03.22 18:32:02 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017.03.22 18:31:57 | 2514,010,111 | -HS- | M] () -- C:\hiberfil.sys
[2017.03.18 22:12:31 | 008,412,398 | ---- | M] () -- C:\Users\Hans\Desktop\hiddeh.pdf
[2017.03.16 19:11:33 | 002,251,464 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.03.04 08:19:11 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.03.04 08:04:33 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.03.04 07:37:19 | 000,025,088 | ---- | M] () -- C:\WINDOWS\SysNative\GamePanelExternalHook.dll
[2017.03.04 07:30:52 | 000,418,304 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2017.03.04 07:29:58 | 000,019,968 | ---- | M] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2017.03.04 07:22:01 | 000,265,728 | ---- | M] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2017.02.22 03:17:53 | 000,448,285 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017.03.18 22:11:52 | 008,412,398 | ---- | C] () -- C:\Users\Hans\Desktop\hiddeh.pdf
[2017.03.14 21:43:27 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.03.14 21:43:24 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2017.03.14 21:43:14 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2017.03.14 21:43:01 | 000,448,285 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2017.03.14 21:42:42 | 000,418,304 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2017.03.14 21:42:17 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.03.14 21:41:44 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysNative\GamePanelExternalHook.dll
[2016.10.03 19:30:24 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016.10.03 19:28:44 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016.09.12 20:15:20 | 035,133,376 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2016.09.12 20:10:00 | 008,916,512 | ---- | C] () -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2016.09.12 20:10:00 | 000,611,608 | ---- | C] () -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2016.08.30 20:13:51 | 002,463,976 | ---- | C] () -- C:\WINDOWS\SysWow64\NPSWF32.dll
[2016.07.16 12:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016.07.16 12:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016.07.16 12:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016.07.16 12:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016.07.16 12:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016.07.16 12:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016.07.16 12:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016.07.16 12:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016.07.16 12:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016.05.19 08:03:56 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016.05.19 08:03:56 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016.05.08 19:16:51 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2016.05.08 19:16:51 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2016.05.04 03:23:30 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
[2016.05.04 03:22:58 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016.04.17 12:25:11 | 000,000,600 | ---- | C] () -- C:\Users\Hans\AppData\Local\PUTTY.RND
[2016.03.30 21:07:50 | 004,690,294 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016.03.30 21:06:59 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\RtkMsgs.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2016.10.03 19:38:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017.03.04 08:09:21 | 007,220,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017.03.04 07:53:19 | 005,722,320 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016.07.16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016.07.16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.07.16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2016.07.26 21:12:00 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Autodesk
[2016.04.26 11:24:35 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\elsterformular
[2017.03.15 21:56:24 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Ethereum
[2017.03.15 21:56:24 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Ethereum Wallet
[2016.04.17 13:56:40 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\FileZilla
[2016.04.08 08:04:03 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\LolClient
[2017.03.15 22:19:42 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Mist
[2016.04.09 18:20:20 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Notepad++
[2016.04.26 14:34:28 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\OpenOffice
[2016.04.07 19:13:46 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\PCDr
[2016.04.07 19:47:04 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\Riot Games
[2017.02.08 23:31:35 | 000,000,000 | ---D | M] -- C:\Users\Hans\AppData\Roaming\TS3Client

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2016.08.24 18:09:30 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2016.03.30 21:44:02 | 000,000,000 | ---D | M] -- C:\Apps
[2016.07.25 21:16:58 | 000,000,000 | ---D | M] -- C:\Autodesk
[2016.03.30 22:44:48 | 000,000,000 | ---D | M] -- C:\Dell
[2016.04.07 20:44:58 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2016.03.30 21:41:13 | 000,000,000 | ---D | M] -- C:\Drivers
[2016.04.07 19:46:55 | 000,000,000 | ---D | M] -- C:\Games
[2016.03.30 21:09:15 | 000,000,000 | ---D | M] -- C:\Intel
[2016.07.16 12:47:47 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2017.02.23 23:26:05 | 000,000,000 | R--D | M] -- C:\Program Files
[2017.03.07 20:39:14 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2017.03.07 20:39:14 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2016.10.03 19:31:52 | 000,000,000 | ---D | M] -- C:\Recovery
[2017.03.22 22:38:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2016.10.03 19:32:47 | 000,000,000 | R--D | M] -- C:\Users
[2017.03.22 18:32:02 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2017.03.04 07:46:40 | 004,312,248 | ---- | M] (Microsoft Corporation) MD5=805E293E2A440F7464B10D58988818F2 -- C:\Windows\SysWOW64\explorer.exe
[2017.03.04 07:46:40 | 004,312,248 | ---- | M] (Microsoft Corporation) MD5=805E293E2A440F7464B10D58988818F2 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.953_none_95d48b474c1176c6\explorer.exe
[2017.03.21 22:01:35 | 000,274,994 | ---- | M] () MD5=8D7140C47E0C404AA6B60873B979AA55 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_897dbcdfc4cfd521\explorer.exe
[2017.03.21 21:46:17 | 000,348,411 | ---- | M] () MD5=94E29E5F909F406F8F430FAF305935CC -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.0_none_7f29128d906f1326\explorer.exe
[2017.03.04 08:03:07 | 004,674,360 | ---- | M] (Microsoft Corporation) MD5=F2D58A2E27C2CD486F8F0A123A3F34C3 -- C:\Windows\explorer.exe
[2017.03.04 08:03:07 | 004,674,360 | ---- | M] (Microsoft Corporation) MD5=F2D58A2E27C2CD486F8F0A123A3F34C3 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.14393.953_none_8b7fe0f517b0b4cb\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2017.03.04 07:18:36 | 000,320,512 | ---- | M] (Microsoft Corporation) MD5=2E327F27B5B836D8304DF46E8E20341A -- C:\Windows\regedit.exe
[2017.03.04 07:10:04 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=2E327F27B5B836D8304DF46E8E20341A -- C:\Windows\SysWOW64\regedit.exe
[2017.03.04 07:10:04 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=2E327F27B5B836D8304DF46E8E20341A -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.14393.953_none_384e9999ae2dae9e\regedit.exe
[2017.03.21 21:50:59 | 000,000,407 | ---- | M] () MD5=4F7D0366AC88222921F1059F99D37CE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.14393.0_none_21a320dff28b4afe\regedit.exe
[2017.03.21 22:06:25 | 000,000,405 | ---- | M] () MD5=8142C6BF10237EB729C7F61BF36B7C26 -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.14393.0_none_2bf7cb3226ec0cf9\regedit.exe
[2017.03.04 07:18:36 | 000,320,512 | ---- | M] (Microsoft Corporation) MD5=BF5D30514FEA913E25CCC9E546257088 -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.14393.953_none_2df9ef4779cceca3\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2016.07.16 12:42:27 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=C1B1FFC800BE2F31EB2CF8CB40629C69 -- C:\WINDOWS\SysNative\userinit.exe
[2016.07.16 12:42:27 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=C1B1FFC800BE2F31EB2CF8CB40629C69 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_10.0.14393.0_none_099d2590e8629c72\userinit.exe
[2016.07.16 12:42:55 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=FA900E6CCCF0A429D5B720C6F0E2274B -- C:\Windows\SysWOW64\userinit.exe
[2016.07.16 12:42:55 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=FA900E6CCCF0A429D5B720C6F0E2274B -- C:\Windows\WinSxS\wow64_microsoft-windows-userinit_31bf3856ad364e35_10.0.14393.0_none_13f1cfe31cc35e6d\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2016.07.16 12:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\WINDOWS\SysNative\wininit.exe
[2016.07.16 12:42:27 | 000,304,240 | ---- | M] (Microsoft Corporation) MD5=99A19C9A74E2F9820E501DCE77F84F70 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_10.0.14393.0_none_5e67244a1b034b09\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2017.01.18 22:13:38 | 000,059,370 | ---- | M] () MD5=74F4EFA2E3B0CAE393E01FEB94BE4559 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.0_none_9d376c91eba4205c\winlogon.exe
[2016.12.14 05:24:12 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=917F081E2AB667C44F7D96DE1D16DFAE -- C:\WINDOWS\SysNative\winlogon.exe
[2016.12.14 05:24:12 | 000,673,792 | ---- | M] (Microsoft Corporation) MD5=917F081E2AB667C44F7D96DE1D16DFAE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.14393.594_none_a963f3fb73055680\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

< End of report >


Extras.txt:

OTL Extras logfile created on: 22.03.2017 22:26:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hans\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

15,85 Gb Total Physical Memory | 10,44 Gb Available Physical Memory | 65,87% Memory free
18,23 Gb Paging File | 12,65 Gb Available in Paging File | 69,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,12 Gb Total Space | 124,69 Gb Free Space | 53,72% Space Free | Partition Type: NTFS
Drive D: | 229,46 Gb Total Space | 209,29 Gb Free Space | 91,21% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-VPUTASI | User Name: Hans | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.scr [@ = AutoCADScriptFile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 8C FB FF 60 A5 1D D2 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3511DD2E-7AED-4332-BF31-6EB21E35282F}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{4EA93BBD-842A-4B2C-9233-F555143A2C2D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{698E96E1-2F74-4E1E-BC4D-45292AB1656C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6B3C0BF4-92B0-4B91-9365-2E538E50A802}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{79D7C0E1-6EFD-440F-97A7-73C023FE2140}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{7E91CB66-8EDF-442F-B596-E71171BB7549}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{B1135254-E62A-42D0-A7DC-DD3974892242}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DA00C540-513D-4262-AE6C-DBE3340C3828}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024D3BFC-054D-49E4-B2A9-6FCE01E3FC97}" = dir=in | app=c:\program files (x86)\flyvpn\flyvpn.exe |
"{03D34579-C448-46BD-BAAB-B481C8710931}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\hearts of iron iv\hoi4.exe |
"{071F1B91-D850-4EF8-9448-F8BB19610911}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{08990BA2-E062-4A8C-BE69-2F7B46D0C490}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{0EE2174B-4E90-40A7-B813-2E9AAA11D23A}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{119DC82A-79BC-4A7B-8AC5-8118ACFE7C2A}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.953_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{1220D3E1-BB12-44CF-BEC5-A511EB26CC5E}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{14BF4649-69A9-4775-84C6-A6A018E3A668}" = protocol=6 | dir=in | app=d:\games\steam\bin\steamwebhelper.exe |
"{14C998A5-14B4-4F53-B1DD-76C713DC5166}" = dir=in | name=xbox |
"{1754EBD7-95B6-446A-8B74-C37E495BF045}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1702.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{19D4CC24-4AB2-4C6B-8C5E-D2D853EEE3FC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1B4145FE-B23C-48FA-8535-1BA7330FEB8B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1F366999-7D79-49F0-89F6-068D60AE7028}" = protocol=17 | dir=in | app=d:\games\steam\steam.exe |
"{2280B2C9-A66A-48AF-B035-2E936B8B9794}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{239C3181-27EE-4DD1-A480-DEFC9C8013B5}" = dir=out | name=store purchase app |
"{25CFD4FE-11A8-4E2D-A0EB-25BEDBD2FB60}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{2B506CD7-3B5D-48C3-972B-A384546D947A}" = dir=out | name=@{microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{2EA4CEEC-7FE4-43D0-ADAF-EF7B4714949A}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{2F03FF42-B019-4966-895E-A6B6A9143592}" = dir=out | name=microsoft sticky notes |
"{31116078-AC7D-4CBE-8CA5-283D630AEC77}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{33A84866-60FF-423C-BE49-B58F74A57731}" = dir=out | name=windows_ie_ac_001 |
"{33B474D8-1A84-42B4-B262-45D88EA23CC5}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{33E7E0F9-229F-4FD7-939E-B123119ED6E1}" = dir=in | name=@{microsoft.skypeapp_11.12.112.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{34355415-861B-46CA-B9A3-C14599658C96}" = dir=out | name=twitter |
"{349E5A65-1276-4127-BC56-1AB1B2879EB5}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{34F02D43-8961-44CC-82BE-2A01C9BA30D2}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{388C543A-2DE3-43FC-909B-19A3E5F30F6D}" = dir=out | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{3D7BD886-53EF-4F9D-86F4-9BD33EBEA1C4}" = dir=in | name=microsoft solitaire collection |
"{42116C35-2E10-4A07-85EC-16906E252587}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\counter-strike source\hl2.exe |
"{468C4D1E-858D-4864-98FF-7C8D70D1995A}" = dir=in | name=onenote |
"{49BBFC77-9338-4CFB-B081-1FDCD2CA8A03}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{4E37400C-654F-438D-8064-C1DA61625F8E}" = dir=out | name=xbox |
"{4FFB8B1E-45FB-469E-90A5-014FDAB49936}" = dir=in | name=@{microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{51281AAB-C728-448C-8143-69EDCB247820}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{54ED75AB-B9A7-4A5E-BF13-FDA026BF30D6}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{58325C66-AC43-4CEE-B264-82C96771A555}" = dir=in | name=microsoft sticky notes |
"{5E558B56-F506-4439-B1BC-3409C0B4E860}" = dir=out | name=sway |
"{5FB1305B-650F-4BBE-9AD6-D88BC6F16E2A}" = dir=out | name=@{microsoft.skypeapp_11.12.112.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{61177DD9-D5AA-4E43-9D1E-AE9A5CF39E4F}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{6163A45C-C309-4627-8200-B620176B8C47}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{64BC381A-1F27-4B15-986A-C28DD9334F9A}" = dir=in | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{653DD0DE-4A65-41FE-A37A-050248874759}" = protocol=17 | dir=in | app=d:\games\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{693BE0F2-C034-4371-96EF-E5D699EE161B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8016.42007.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{6D3CBC9F-C80C-49B9-A81D-06EA55D4AA4E}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{6E2E3261-AC57-4935-A9FE-0E404EC3B421}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{754477AA-1CC3-4400-9832-32553CD5BC71}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{760DEB4A-89D3-4CE6-9344-60787EB6E3C8}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{7713A54B-10C7-4274-8615-102ECE438CFA}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{7C3F6DC2-AD46-449C-B87F-EAD87D50DA9E}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{7C678DD0-2DF6-4181-AD42-6990CF4C2CF6}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\hearts of iron iv\hoi4.exe |
"{7E74883D-2444-4B8D-A2EA-0680FEEBF39D}" = dir=out | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{805D826A-2299-45EE-8395-BF7D87B78D7C}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{8179379A-C3B1-4C8C-B0C1-C547B309DDEC}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{81D8FE89-336A-4980-93B6-FD5179C392AA}" = dir=in | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8425A8B1-750F-48C4-BB6C-83B4113FF6AC}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{845E996A-95D4-4951-A894-9B01113C6C49}" = dir=out | name=@{microsoft.people_10.2.431.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{84A80E09-5C63-4C8C-BBCD-69FB3E12BEA2}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{89120AC7-317A-45D6-9770-EED45F1A2D67}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{8BF181BD-D557-4A1F-B22B-06C0F1B80CEC}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{8FB9B2C7-0D33-474B-AF9D-CBF9251F5C07}" = dir=out | name=@{microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{91645C36-AD15-4D44-8322-BD4028F64674}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{91D0C328-7D2E-4D4E-B157-617C0B348A07}" = protocol=6 | dir=in | app=d:\games\steam\steam.exe |
"{91F6C6E3-8C17-4F0D-9C02-435E5C0BE56C}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9AC83758-7725-4EF8-9947-39F3F33DA88F}" = dir=out | name=onenote |
"{9ADB5E1C-35B6-4D85-8607-DADA955F1DA3}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{9D3A9AF6-516E-4C4D-A949-04B340FB6A65}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9FD32A15-55BE-43F7-87E9-55808F0DFFD1}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{A2B93C76-0DC1-41FF-A701-B7FD548F02B6}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A537E747-B3B0-473D-B984-D9B90F009E69}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{A7EB876B-6145-4B95-9F78-36C6B2A64756}" = protocol=6 | dir=in | app=d:\games\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{AC6CF78E-BDCD-4EEB-BDFB-8F5FF352CCFF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AD741909-E0DC-4738-9A6A-2DE69398E9B4}" = dir=in | name=@{microsoft.windowsstore_11701.1001.79.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{ADD6F4B6-A827-4CB3-9CA3-A8D2BE8542B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B32EDB26-F9C2-4C22-B6A6-3F85E5A33F65}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{B547A0BB-493B-4E93-8FE8-BDFDCF4865CE}" = protocol=17 | dir=in | app=d:\games\steam\bin\steamwebhelper.exe |
"{B7EA96BB-ED6F-41A7-A766-867008318542}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{B92A3549-C91D-4B50-9D16-9D009797B5E1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8016.42007.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{BB23503E-1F91-474F-8B20-649A4ADC2861}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{BC9CC8DB-45B4-40A2-9E17-062295A83F2F}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{BD5C5C03-BC24-47AE-9FD2-0159E4F9D449}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1702.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{BE1E51AC-3D35-4DF1-8DF2-50636050A47D}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.953_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{C0805537-974C-4D28-BFA8-0C0478C5FD45}" = dir=out | name=@{microsoft.windowsstore_11701.1001.79.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{CF4E6411-0B09-44D9-80E8-825EA78CFA56}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{D1223469-1A67-4157-8C17-4DC80A88D036}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{D23BD8C6-FE26-41EC-902B-0117550CF96E}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{DFFD3B59-1AE7-4B39-BC6C-30494EA507BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E42C302B-906F-4C30-9AE8-C3DC8ED2DBBA}" = dir=in | name=sway |
"{F00AAC02-AE06-4838-9188-53EE88964498}" = dir=out | name=microsoft solitaire collection |
"{F1C44AEA-1D52-42D5-979E-7D8EE8F2D644}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\counter-strike source\hl2.exe |
"{F4E71866-BCD5-41B0-A9BD-766DBD8C2F04}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{F70076EE-2B5E-4C75-AA53-99DA10351C82}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{F969F06D-DF57-4463-BA57-D96779D238FE}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{F992E1BD-11B6-4F53-94CE-9C11915A09F1}" = dir=in | name=@{microsoft.zunemusic_10.17012.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{FF26B308-B999-4D85-82B8-C11CC6D7707C}" = dir=out | name=@{microsoft.zunemusic_10.17012.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"TCP Query User{5531B2DB-466B-4388-BB0C-3848052F71FB}C:\users\Hans\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\Hans\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6E50C97D-A256-46AB-8359-1D6D9FCD9A94}C:\users\Hans\appdata\roaming\mist\binaries\geth\unpacked\geth.exe" = protocol=6 | dir=in | app=c:\users\Hans\appdata\roaming\mist\binaries\geth\unpacked\geth.exe |
"TCP Query User{EDF705E3-797D-47FE-A798-FCD4D35A7992}C:\users\Hans\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe" = protocol=6 | dir=in | app=c:\users\Hans\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe |
"TCP Query User{F7E03711-5ABB-4823-98B8-A24EE04272A6}C:\users\Hans\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\Hans\appdata\local\akamai\netsession_win.exe |
"UDP Query User{D69ED012-ACCF-4441-A5B7-D34B76236F4B}C:\users\Hans\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\Hans\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E9969D11-476C-4400-8684-79F8141E29C4}C:\users\Hans\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\Hans\appdata\local\akamai\netsession_win.exe |
"UDP Query User{EC78ACDA-A0D0-4CA3-BAA9-9D2359367103}C:\users\Hans\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe" = protocol=17 | dir=in | app=c:\users\Hans\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe |
"UDP Query User{F5DB5D98-1F4B-4418-9082-3C0CCC2B75FD}C:\users\Hans\appdata\roaming\mist\binaries\geth\unpacked\geth.exe" = protocol=17 | dir=in | app=c:\users\Hans\appdata\roaming\mist\binaries\geth\unpacked\geth.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}" = Intel(R) Chipset Device Software
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F26F2D5-8DD0-4C68-A1E8-D7B423EC8B7C}" = Intel(R) Management Engine Components
"{24962326-A318-4620-85A7-F91DD6DBF5C4}" = Intel(R) Management Engine Components
"{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}" = Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit
"{28B89EEF-0001-0000-0102-CF3F3A09B77D}" = AutoCAD 2017
"{28B89EEF-0001-0000-3102-CF3F3A09B77D}" = ACAD Private
"{28B89EEF-0001-0407-1102-CF3F3A09B77D}" = AutoCAD 2017 Language Pack - Deutsch (German)
"{28B89EEF-0001-0407-2102-CF3F3A09B77D}" = AutoCAD 2017 - Deutsch (German)
"{28B89EEF-0004-0000-5102-CF3F3A09B77D}" = ACA & MEP 2017 Object Enabler
"{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support
"{2E55EEFD-2162-4A7D-9158-EDB0305603A6}" = Dell Data Vault
"{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}" = Intel(R) Rapid Storage Technology
"{307032B2-6AF2-46D7-B933-62438DEB2B9A}" = Maxx Audio Installer (x64)
"{30E935B2-0DAC-455E-AC76-3C8504DC3D18}" = Intel(R) Serial IO
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{44CA1C58-5DB9-46F2-89B5-9D49CC8D918E}" = ESET NOD32 Antivirus
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5F0F7049-0000-1033-0102-73A6DA3D7FA6}" = Autodesk ReCap 360
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7B50D081-E670-3B43-A460-0E2CDB5CE984}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918
"{7D84E343-A23D-451C-B123-0195B2D903A6}" = Intel® Trusted Connect Service Client
"{85B14AE3-1624-45BE-942B-A528DF6F1CCE}" = Product Registration
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{92979371-FDF4-45F8-8245-28560F71EC17}" = Intel(R) Management Engine Components
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92F651D9-4431-469E-9B11-299D007AF656}" = Dell Update - SupportAssist Update Plugin
"{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}" = iTunes
"{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}" = Intel(R) Serial IO
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 365.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 369.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 365.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.40
"{BDB50421-E961-42F3-B803-6DAC6F173834}" = Dell Foundation Services
"{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}" = Apple Application Support (64-Bit)
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = WIDCOMM Bluetooth Software
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DC051DD8-4EFB-4414-8721-4D45B448D1BE}" = Intel(R) ME UninstallLegacy
"{DFFEB619-5455-3697-B145-243D936DB95B}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918
"{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}" = Autodesk License Service (x64) - 3.1
"AutoCAD 2017 - Deutsch (German)" = Autodesk AutoCAD 2017 - Deutsch (German)
"Autodesk ReCap 360" = Autodesk ReCap 360
"DW WLAN Card" = DW WLAN Card
"HomeStudentRetail - de-de" = Microsoft Office Home and Student 2016 - de-de
"PC-Doctor for Windows" = Dell SupportAssist
"Steam App 240" = Counter-Strike: Source
"Steam App 394360" = Hearts of Iron IV
"VLC media player" = VLC media player
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"WinRAR archiver" = WinRAR 5.31 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{063925DB-9D8C-48E2-8F04-1B7038B6C783}" = SketchUp-Import 2016-2017
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A46A65D-89AC-464C-8026-3CD44960BD04}" = Realtek USB Audio
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{26356515-5821-40FA-9C3D-9785052A1062}" = Apple Application Support (32-Bit)
"{27130E51-9555-408B-8134-7BFF54EDE27B}" = Dell SupportAssistAgent
"{27C15055-713B-4D0E-881F-19598A2DFD59}" = Verfügbare Autodesk-Apps 2016-2017
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BE9948C-FD9C-40B0-AC04-EE2AAB4C19D4}" = Dell Update
"{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3FBFBC43-9882-43FA-B979-2D53896747B3}" = Autodesk Material Library Base Resolution Image Library 2017
"{448652c1-f5f3-4230-98c6-68c10c88b1fb}" = Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4B230374-6475-4A73-BA6E-41015E9C5013}" = Intel® Security Assist
"{4FA72FF9-DD64-43A8-8704-6380A11F11D5}" = Dell Customer Connect
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}" = Intel(R) Dynamic Platform and Thermal Framework
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C4547B7-084A-4992-BFBF-9F6C6E2DC3EA}" = Dell Dock Update
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}" = Autodesk AutoCAD Performance Feedback Tool 1.2.5
"{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}" = FARO LS 1.1.505.0 (64bit)
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ED2ED41-4455-449D-993C-751C039089B9}" = Autodesk Advanced Material Library Image Library 2017
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}" = Autodesk Material Library 2017
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0407-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}" = Dell Digital Delivery
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{B0E8A8CA-5A40-49C3-BE5E-9076664DB9AA}" = Thunderbolt(TM) Software
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD9CFD69-EB91-354E-9C98-D439E6091932}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C0954809-F5DC-426C-847E-8409DE14E4C0}" = Autodesk App Manager 2016-2017
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia USB Host Controller Driver
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}" = OpenOffice 4.1.2
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{fb610cea-ba50-4d4b-a717-cf025419035c}" = Intel(R) Chipset Device Software
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"3FB06EEC-013D-4366-9918-71B97DFB84EB" = Intel(R) HID Event Filter
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Autodesk Desktop App" = Autodesk Desktop-App
"ElsterFormular" = ElsterFormular
"FlyVPN" = FlyVPN
"Google Chrome" = Google Chrome
"InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}" = Dell Product Registration
"League of Legends 3.0.1" = League of Legends
"Mozilla Firefox 52.0.1 (x86 de)" = Mozilla Firefox 52.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Razer Chroma SDK" = Razer Chroma SDK Core Components
"Steam" = Steam

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.16.1
"OneDriveSetup.exe" = Microsoft OneDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 22.03.2017 12:55:52 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

Error - 22.03.2017 12:55:55 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

Error - 22.03.2017 13:11:06 | Computer Name = DESKTOP-VPUTASI | Source = DPTF | ID = 256
Description = Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221)
TYPE: ERROR DPTF Build Version: 8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15
Source
File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line
144 Executing Function: ConfigTdpPolicy::onBindDomain Message: DPTF Build Version:
8.1.10605.221 DPTF Build Date: Oct 23 2015 12:24:15 Source File: ..\..\..\Sources\Manager\EsifServices.cpp
@ line 187 Executing Function: EsifServices::primitiveExecuteSetAsUInt32 Message:
Error returned from ESIF services interface function call Participant: TCPU [2]
Domain:
PKG [0] ESIF Primitive: SET_PROC_CTDP_CONTROL [221] ESIF Instance: 255 ESIF Return
Code: ESIF_E_PRIMITIVE_DST_UNAVAIL [2403] Participant: TCPU [2] Domain: PKG [0]
Policy:
ConfigTDP Policy [0]

Error - 22.03.2017 13:32:08 | Computer Name = DESKTOP-VPUTASI | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IntelCpHDCPSvc.exe, Version: 1.0.0.1,
Zeitstempel: 0x572a4b65 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479,
Zeitstempel: 0x5825887f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000002f7db
ID
des fehlerhaften Prozesses: 0xad8 Startzeit der fehlerhaften Anwendung: 0x01d2a3323b01d668
Pfad
der fehlerhaften Anwendung: C:\WINDOWS\system32\IntelCpHDCPSvc.exe Pfad des fehlerhaften
Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 8326729e-84e5-4229-b740-250e29e985f9
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:

Error - 22.03.2017 13:32:14 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

Error - 22.03.2017 13:32:18 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

Error - 22.03.2017 13:32:25 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

Error - 22.03.2017 14:44:10 | Computer Name = DESKTOP-VPUTASI | Source = MsiInstaller | ID = 11310
Description =

Error - 22.03.2017 14:44:23 | Computer Name = DESKTOP-VPUTASI | Source = MsiInstaller | ID = 11310
Description =

Error - 22.03.2017 15:55:49 | Computer Name = DESKTOP-VPUTASI | Source = CertEnroll | ID = 39452758
Description =

[ isaAgentLog Events ]
Error - 14.01.2017 05:37:19 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 21.01.2017 07:18:32 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 28.01.2017 08:39:06 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 04.02.2017 08:39:07 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 11.02.2017 08:39:08 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 18.02.2017 08:39:09 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 25.02.2017 08:39:09 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 04.03.2017 09:40:00 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 11.03.2017 13:37:02 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

Error - 18.03.2017 13:37:04 | Computer Name = DESKTOP-VPUTASI | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: The remote server returned an error:
(404) Not Found.

[ System Events ]
Error - 20.03.2017 13:35:57 | Computer Name = DESKTOP-VPUTASI | Source = DCOM | ID = 10016
Description =

Error - 21.03.2017 13:58:50 | Computer Name = DESKTOP-VPUTASI | Source = DCOM | ID = 10016
Description =

Error - 21.03.2017 14:24:23 | Computer Name = DESKTOP-VPUTASI | Source = DCOM | ID = 10016
Description =

Error - 21.03.2017 17:52:27 | Computer Name = DESKTOP-VPUTASI | Source = DCOM | ID = 10016
Description =

Error - 22.03.2017 12:55:39 | Computer Name = DESKTOP-VPUTASI | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?3/?22/?2017 um 5:43:11 PM unerwartet heruntergefahren.

Error - 22.03.2017 12:55:41 | Computer Name = DESKTOP-VPUTASI | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.

Error - 22.03.2017 13:32:05 | Computer Name = DESKTOP-VPUTASI | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?3/?22/?2017 um 5:55:39 PM unerwartet heruntergefahren.

Error - 22.03.2017 13:32:05 | Computer Name = DESKTOP-VPUTASI | Source = BugCheck | ID = 1001
Description =

Error - 22.03.2017 13:32:08 | Computer Name = DESKTOP-VPUTASI | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.

Error - 22.03.2017 14:43:47 | Computer Name = DESKTOP-VPUTASI | Source = DCOM | ID = 10016
Description =


< End of report >