Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Prozess csrss.exe läuft zwei mal

Prozess csrss.exe läuft zwei mal


Plagegeister aller Art und deren Bekämpfung: Prozess csrss.exe läuft zwei mal

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 04.11.2012, 21:06   #1
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Guten Tag,
ich bin momentan auf Virensuche bei den Prozessen. Ich habe meine Prozesse mit dem Security Task Manager angesehen und bemerkt, dass ein Prozess zweimal läuft. Dann habe ich lange "gegooglet" und habe Antworten gefunden, die auf meine Lage nicht zutreffen . Die Prozesse, sind laut Security Task Manager , im gleichen Verzeichnis C:\Windows\System32 zu finden. Dort sind sie aber nicht. Bemerkt habe ich das, als ich die Dateien auf der Seite www.virustotal.com testen wollte.
Hier der HijackThis Scan :
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:12, on 04.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\mshta.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Torben\Desktop\HiJack\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ConvertionOneIE - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file)
O2 - BHO: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Torben\AppData\Roaming\Mozilla\Firefox\Profiles\3awf6g1l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.94.dll (file missing)
O3 - Toolbar: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition_Download-Version\TrayServer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Torben\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Torben\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: HD Writer.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/08/16 14:04:35 (CLKMSVC10_DB37F995) - CyberLink - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe
O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18369 bytes
--- --- ---
Und eine Frage zum Schluss. Ich hatte in Erinnerung, dass man mit dem "normalen" Taskmanager von Windows die Prozesse sehen kann. Diese Funktion ist bei mir nicht verfügbar. Ist das normal? Hab ich mich da geirrt?


Bedanke mich jetzt schonmal für die Hilfe.
Viele Grüße
Schnitzelfre


EDIT: Habe die Virendurchsuchung der Prozesse fortgeführt und wieder ein Prozess gefunden, der nicht im Ordner , wo er sein soll, verhanden ist. Name des Prozesses : smss.exe
EDIT 2 : Habe noch ein Prozess gefunden bzw nicht gefunden. Er ist nicht im angegebenem Ordner. ich werde weitere Funde nicht posten, da es sich ja um das gleiche Problem handelt. Name: Core.exe Herausgeber zwar Electronic Arts, aber Viren können sich ja bekanntlich als Alles und Jede ausgeben
Geändert von Schnitzelfre (04.11.2012 um 21:50 Uhr)

Alt 06.11.2012, 16:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Hallo und

Zitat:
ich bin momentan auf Virensuche bei den Prozessen.
Warum, welchen Anlass gibt es dazu? Schon irgendwelche Scans gemacht? Wenn ja => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Zitat:
Ich habe meine Prozesse mit dem Security Task Manager angesehen und bemerkt, dass ein Prozess zweimal läuft.
Ja und? Bei csrss.exe ist das bei Win7 völlig normal

Zitat:
Dann habe ich lange "gegooglet" und habe Antworten gefunden, die auf meine Lage nicht zutreffen . Die Prozesse, sind laut Security Task Manager , im gleichen Verzeichnis C:\Windows\System32 zu finden. Dort sind sie aber nicht.
Die legitime csrss.exe MUSS In system32 liegen! Anders geht es nicht!


Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen aufmerksam durch. Sollte irgendetwas unklar sein, Frage bevor du beginnst.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

  • Bitte keine Hijackthis-Logs mehr posten!

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 06.11.2012, 18:31   #3
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Hallo und Danke für deine Hilfe!
Meine Hauptfrage und der Auslöser, warum ich überhaupt dachte, dass ich Viren habe ist ja beantwortet, nämlich, dass es normal ist, dass der csrss.exe prozess zweimal läuft. Bleibt aber die Frage, warum der Prozess nicht im Verzeichnis ist, obwohl er da ja eingetragen ist. Er muss ja irgendwo vorhanden sein. Die Prozesse habe ich nur durchforstet, weil mein Computer beim Herunterfahren immer etwas brauchte, was aber an Steam lag, wie ich herausgefunden habe.
Das probelm ist nicht nur bei der csrss.exe. Kann es sein, dass der Security Task Manager nur was falsch macht?
Gruß Schnitzelfre
__________________
Alt 06.11.2012, 20:17   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Zitat:
nämlich, dass es normal ist, dass der csrss.exe prozess zweimal läuft
Wurde beantwortet.

Zitat:
Das probelm ist nicht nur bei der csrss.exe. Kann es sein, dass der Security Task Manager nur was falsch macht?
Hast du meinen Beitrag nicht richtig gelesen? Du solltest da noch einige Sachen mehr machen! Ohne Infos/Logs kann man dir rein garnix sagen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 07.11.2012, 16:27   #5
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Sorry, dachte es wäre nicht mehr nötig. Hier ist er:
Code:
ATTFilter
OTL logfile created on: 07.11.2012 16:11:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Torben\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,60 Gb Available Physical Memory | 71,19% Memory free
15,73 Gb Paging File | 12,97 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,35 Gb Total Space | 190,40 Gb Free Space | 32,58% Space Free | Partition Type: NTFS
 
Computer Name: TORBEN-PC | User Name: Torben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Torben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to iPod Converter\FreeYouTubeToiPodConverter.exe (DVDVideoSoft Ltd.)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll ()
MOD - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to iPod Converter\DVDVideoSoft.Resources.dll ()
MOD - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to iPod Converter\de-DE\DVDVideoSoft.Resources.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mfc100u.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (CLKMSVC10_DB37F995) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe (CyberLink)
SRV - (DevoloNetworkService) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (TIEHDUSB) -- C:\Windows\SysNative\drivers\tiehdusb.sys (Texas Instruments)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\nmwcdx64.sys (Nokia)
DRV:64bit: - (nmwcdcmx64) -- C:\Windows\SysNative\drivers\nmwcdcmx64.sys (Nokia)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (NPF_devolo) -- C:\Windows\SysWOW64\drivers\npf_devolo.sys (CACE Technologies)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (Secdrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Torben\Desktop
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d506l0408z115t7441c071
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.de/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE370
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\SearchScopes\{871C1DC4-6C58-4719-B685-77B3E4DE6564}: "URL" = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Torben\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Torben\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.10.31 12:48:32 | 000,000,000 | ---D | M]
 
[2012.10.29 23:24:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torben\AppData\Roaming\mozilla\Firefox\Profiles\956io89w.default\extensions
[2012.10.29 23:24:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Torben\AppData\Roaming\mozilla\Firefox\Profiles\956io89w.default\extensions\ich@maltegoetz.de
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.3_0\
CHR - Extension: Google Translate = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: AdBlock = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: FireShot: Webpage Screenshots + Annotations = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.23_0\
CHR - Extension: Cork Board = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga\1.0_0\
CHR - Extension: Google Mail = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Torben\AppData\Roaming\Mozilla\Firefox\Profiles\3awf6g1l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.94.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Torben\AppData\Roaming\Mozilla\Firefox\Profiles\3awf6g1l.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.94.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Sonderedition_Download-Version\TrayServer.exe (MAGIX AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [Akamai NetSession Interface] "C:\Users\Torben\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Torben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Programme\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Torben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4146755390-1899032672-475610802-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FF81FE2-0DF3-44C0-92A4-54D87E4A4F6F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2A3F480-A982-40E4-807B-D345A657D6DB}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.07 16:09:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Torben\Desktop\OTL.exe
[2012.11.04 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.11.04 18:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2012.11.04 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2012.11.04 18:28:40 | 000,000,000 | ---D | C] -- C:\PCWELT
[2012.11.04 18:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TaskManager
[2012.10.31 20:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buka
[2012.10.31 20:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buka
[2012.10.28 13:34:01 | 000,000,000 | ---D | C] -- C:\Users\Torben\Desktop\lol
[2012.10.27 20:28:00 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Local\PictureConverter
[2012.10.25 16:23:17 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Local\{427A6921-ACDF-4090-AAF3-2384EFF7A21C}
[2012.10.24 21:01:53 | 000,000,000 | ---D | C] -- C:\Users\Torben\Documents\CraftBukkit
[2012.10.24 17:11:38 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Roaming\.minecraft
[2012.10.22 19:15:59 | 000,000,000 | ---D | C] -- C:\Users\Torben\Documents\Rainmeter
[2012.10.22 19:15:59 | 000,000,000 | ---D | C] -- C:\Users\Torben\AppData\Roaming\Rainmeter
[2012.10.22 19:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2012.10.21 10:03:03 | 000,000,000 | ---D | C] -- C:\Users\Torben\Desktop\Bitte löschen
[2012.10.19 22:57:35 | 000,000,000 | R--D | C] -- C:\Users\Torben\Desktop\Schule
[2009.11.05 04:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.07 16:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Torben\Desktop\OTL.exe
[2012.11.07 15:58:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.07 15:57:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146755390-1899032672-475610802-1000UA.job
[2012.11.07 15:48:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.07 14:58:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.07 14:15:24 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.07 14:15:24 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.07 14:06:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.07 14:06:16 | 2037,772,287 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.06 19:10:18 | 1256,827,902 | ---- | M] () -- C:\Users\Torben\Desktop\Worms Revolution... ein neues Spiel, neues Glück.mp4
[2012.11.06 18:02:31 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146755390-1899032672-475610802-1000Core.job
[2012.11.03 16:31:09 | 001,341,859 | ---- | M] () -- C:\Users\Torben\AppData\Local\Tempmusic.ogg
[2012.11.01 20:54:38 | 1131,343,592 | ---- | M] () -- C:\Users\Torben\Desktop\javaw 2012-11-01 20-53-48-34.avi
[2012.11.01 13:40:26 | 001,541,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.01 13:40:26 | 000,669,706 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.01 13:40:26 | 000,629,152 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.01 13:40:26 | 000,137,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.01 13:40:26 | 000,112,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.31 12:48:31 | 000,637,272 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.10.28 18:13:22 | 000,047,852 | ---- | M] () -- C:\Users\Torben\AppData\Local\recently-used.xbel
[2012.10.28 16:48:37 | 000,282,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.10.28 16:48:37 | 000,282,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.10.28 16:44:02 | 000,283,312 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.10.28 11:38:15 | 000,001,306 | ---- | M] () -- C:\Users\Torben\Desktop\Free YouTube Download.lnk
[2012.10.22 19:15:54 | 000,001,734 | ---- | M] () -- C:\Users\Torben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.10.21 21:03:53 | 006,475,528 | ---- | M] () -- C:\Users\Torben\Desktop\Trololo Sing Along!.mp3
[2012.10.19 18:45:30 | 000,012,598 | ---- | M] () -- C:\Users\Torben\Desktop\Computer.lnk
[2012.10.19 18:43:35 | 000,432,704 | ---- | M] () -- C:\Users\Torben\Desktop\Desktop geil.jpg
[2012.10.13 21:42:07 | 001,071,091 | ---- | M] () -- C:\Users\Torben\Desktop\img004.jpg
[2012.10.09 14:48:24 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 14:48:24 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.06 18:46:48 | 1256,827,902 | ---- | C] () -- C:\Users\Torben\Desktop\Worms Revolution... ein neues Spiel, neues Glück.mp4
[2012.11.02 13:13:34 | 001,341,859 | ---- | C] () -- C:\Users\Torben\AppData\Local\Tempmusic.ogg
[2012.11.01 20:53:48 | 1131,343,592 | ---- | C] () -- C:\Users\Torben\Desktop\javaw 2012-11-01 20-53-48-34.avi
[2012.10.28 18:13:22 | 000,047,852 | ---- | C] () -- C:\Users\Torben\AppData\Local\recently-used.xbel
[2012.10.28 11:38:15 | 000,001,306 | ---- | C] () -- C:\Users\Torben\Desktop\Free YouTube Download.lnk
[2012.10.22 19:15:54 | 000,001,734 | ---- | C] () -- C:\Users\Torben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.10.22 19:15:54 | 000,001,710 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
[2012.10.21 21:03:37 | 006,475,528 | ---- | C] () -- C:\Users\Torben\Desktop\Trololo Sing Along!.mp3
[2012.10.19 18:45:13 | 000,012,598 | ---- | C] () -- C:\Users\Torben\Desktop\Computer.lnk
[2012.10.19 18:43:32 | 000,432,704 | ---- | C] () -- C:\Users\Torben\Desktop\Desktop geil.jpg
[2012.10.13 21:42:07 | 001,071,091 | ---- | C] () -- C:\Users\Torben\Desktop\img004.jpg
[2012.08.21 17:37:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.07.03 21:43:08 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.23 17:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.05.23 17:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.05.23 17:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.05.23 17:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.05.08 14:07:36 | 000,282,312 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.08 14:07:32 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012.05.08 14:07:32 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.04.18 14:15:09 | 000,007,605 | ---- | C] () -- C:\Users\Torben\AppData\Local\Resmon.ResmonCfg
[2012.03.26 14:20:10 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012.02.11 19:25:17 | 000,000,680 | RHS- | C] () -- C:\Users\Torben\ntuser.pol
[2012.01.29 17:20:20 | 000,000,382 | ---- | C] () -- C:\Windows\wininit.ini
[2011.12.27 15:33:22 | 000,000,660 | ---- | C] () -- C:\Windows\eReg.dat
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.08.20 12:23:40 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.08.18 16:53:23 | 000,017,408 | ---- | C] () -- C:\Users\Torben\AppData\Local\WebpageIcons.db
[2011.08.18 16:35:18 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011.07.07 13:38:24 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2011.04.04 20:18:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.24 23:15:02 | 000,174,768 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.01 12:41:51 | 000,000,094 | ---- | C] () -- C:\Users\Torben\AppData\Local\fusioncache.dat
[2010.03.30 10:47:12 | 000,038,400 | ---- | C] () -- C:\Users\Torben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.20 11:22:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2011.08.22 16:00:20 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-4146755390-1899032672-475610802-1000\$RPH3DVD.minecraft\saves\jae1000j's Minecraft Note Block Song World Save (02.21.2011)\World5\n
[2011.08.22 16:00:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-4146755390-1899032672-475610802-1000\$RPH3DVD.minecraft\saves\jae1000j's Minecraft Note Block Song World Save (02.21.2011)\World5\u
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.03.18 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\.minecraft
[2012.03.10 21:29:46 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\AnvSoft
[2012.03.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Epson
[2012.03.18 13:32:51 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Orbit
[2012.03.03 21:39:50 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\ProgSense
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D20FFA63

< End of report >


Alt 07.11.2012, 16:32   #6
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Code:
ATTFilter
OTL Extras logfile created on: 07.11.2012 16:11:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Torben\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,60 Gb Available Physical Memory | 71,19% Memory free
15,73 Gb Paging File | 12,97 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,35 Gb Total Space | 190,40 Gb Free Space | 32,58% Space Free | Partition Type: NTFS
 
Computer Name: TORBEN-PC | User Name: Torben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F81EE5-0306-46DE-BAFC-4BDB1B89EE13}" = lport=6985 | protocol=6 | dir=in | name=league of legends launcher | 
"{0475DCCA-8866-4270-AB1B-1FC2EA36FA97}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 
"{0494A6FA-28D6-4A26-9D11-02D91C25D678}" = lport=6934 | protocol=17 | dir=in | name=league of legends launcher | 
"{0572FC80-6BE5-4A52-A7EB-C7556488C952}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher | 
"{0711612F-A75F-48D1-869A-BBE7161EBFA6}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | 
"{09920223-DC28-45FA-AEA4-9E0941CAF4ED}" = lport=6982 | protocol=17 | dir=in | name=league of legends launcher | 
"{1086B795-C7F2-431A-B4D4-62DDE35D535C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{113E79CF-15F6-4D16-9213-AF875C540CFC}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{12D3592D-1330-4C58-BCBD-A14B93B07552}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | 
"{13BC555D-FE27-4F5F-BDDD-B929FF4F1160}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher | 
"{170B4A7B-C450-4EAC-BB03-2DCDC614FC51}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{194EC8A4-8226-4F6D-B4CB-67898F408D05}" = lport=6963 | protocol=6 | dir=in | name=league of legends launcher | 
"{2B3F4259-BE53-408C-98FB-39308247BEC5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{36B94C92-0C9B-4D9E-9E60-A91075C5CD28}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{36E67F46-4C95-45D9-B283-56E24A01F5D5}" = lport=6961 | protocol=6 | dir=in | name=league of legends launcher | 
"{370CA181-7A35-427F-B3A9-B00B2204AF8F}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher | 
"{384C139D-05A9-4A68-BAD3-948BA8AA9E0F}" = lport=6985 | protocol=17 | dir=in | name=league of legends launcher | 
"{3ED93D33-63BB-4536-AC02-38C0200DEDDD}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | 
"{3FD8C513-4C1A-4CBD-81D8-C3C967E24687}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{41CE62D0-0598-428C-9DE3-69F37A438F20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{47FABDB8-15B4-476E-B13C-DBD8CFEC7362}" = lport=6963 | protocol=17 | dir=in | name=league of legends launcher | 
"{4F908997-8EC3-4F4F-ADF4-6BEE12E61983}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher | 
"{5162926A-F190-4749-9F2D-A69757722887}" = lport=6934 | protocol=6 | dir=in | name=league of legends launcher | 
"{51C8AE57-D7C9-4648-AA46-31228DC557FB}" = lport=6982 | protocol=6 | dir=in | name=league of legends launcher | 
"{53ADC085-EDE4-40D4-A324-E7E34D8C99DB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5530A52D-8056-41A7-A491-3FB43CE46853}" = lport=6911 | protocol=6 | dir=in | name=league of legends launcher | 
"{55F0FF83-A8C0-4E82-B866-97D1C2C13BA1}" = lport=6911 | protocol=17 | dir=in | name=league of legends launcher | 
"{562B6ECF-C5A3-48C1-8F79-E6345D832276}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{56D6CBA2-4681-418C-88CC-FDBA62752F25}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{57C23CE8-4107-4351-A388-D938E7D4F2C7}" = lport=6919 | protocol=6 | dir=in | name=league of legends launcher | 
"{58D8140F-8DFA-4088-AEF5-19FF9607A5CA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5E3B83A8-EB39-4F9E-AC60-F12F6B642939}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{62BC52A5-EFDB-4A12-9330-F91DBCECD9D8}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | 
"{66891AC5-4B62-49E9-BD0D-083B7850E2ED}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{705399DB-047A-4243-BB6F-7ED0BB63CE07}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{72BAA241-2CBF-4A68-8587-314397B745CA}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | 
"{7368DCFB-163C-47F0-A848-77EB2C9C62EB}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | 
"{75DE4B4F-C827-49EA-9DC5-D34DD4EB8BDF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{798017FD-412F-4852-8566-131EE9B75B23}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher | 
"{7A748C61-33B6-47EF-B7DB-34BFF34FD2B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7CF7D652-1331-4148-A48A-743DE38766B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{802652E9-0148-43B0-A02D-EA94508C6D76}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{802C3225-93AF-4A1A-B236-A1EF5059993B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8086B93C-6BEA-49E7-BFDE-75EFB2DB4370}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | 
"{82EE1501-6465-4830-9375-58077A5CA6DE}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher | 
"{85351885-5208-4108-BC31-7F79A6F6E4CE}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{87C99802-A59F-4717-8E60-B371592D3DCA}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{88E056F2-CD43-4D59-8DBD-39B807C912A9}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | 
"{8D99A945-9D6F-4F7A-BC76-4D33EED6BFE4}" = lport=6944 | protocol=6 | dir=in | name=league of legends launcher | 
"{8EA00350-1538-4211-A160-ACA75A42C754}" = lport=6961 | protocol=17 | dir=in | name=league of legends launcher | 
"{944F949C-54FD-48A3-8529-A32568972843}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 
"{9595C365-84EE-449D-999E-C8C9586522D0}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | 
"{9659F4D8-E026-4427-AD69-BEEA86AAA25E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9BD0056D-9873-40D7-98AC-116A48ABC305}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A3813B63-B9BC-4FEE-87FE-DB6E9D5C25CC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A41EB07F-D442-4B08-9846-54E0CD9394BD}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher | 
"{A72BBC25-A4A2-4FE6-BF52-3D63D7C9D782}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A9D9EBE1-6985-4187-8FDE-A0039C487BED}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher | 
"{AFF79188-F52D-4584-B6F7-4DF680505601}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B182A9F4-EE73-4F73-8192-489D7409F49D}" = lport=6983 | protocol=17 | dir=in | name=league of legends launcher | 
"{B1C216F1-2181-40FB-A270-807C785B0C4A}" = lport=6919 | protocol=17 | dir=in | name=league of legends launcher | 
"{B550B3E8-312E-4DF7-984F-0421907A0423}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BC6608AF-F68E-4075-ABB1-8E526E8FEA8D}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | 
"{C253CD20-6D79-441D-81C5-A6952D2C0F4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{C3E03E13-59C3-42DD-AEE1-6D9B47D35579}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C440D906-F9CF-45CD-AEE0-D850C858F6C3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C8DF8069-594C-4C76-9B44-CE64CAC60DC9}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher | 
"{CF5F1886-61C4-4187-A9F6-26B37E8E2A54}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{D3161E26-F0E5-468F-A4C4-A4096B4187AB}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{D9CADBB0-8C62-49EA-9B10-E3BC088474E8}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{DDBC4981-83AF-4ED6-B5B8-7943CFEFA9F2}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher | 
"{E1C75A9E-933F-4D4A-A356-05EC48E44A24}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{E2758237-3CE1-41FD-A0E9-63F0351ED026}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher | 
"{E2F690AE-A517-4F45-A046-446A7FF9E9A1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E592BF62-841C-4661-AF3D-510C87B31FAB}" = lport=6944 | protocol=17 | dir=in | name=league of legends launcher | 
"{E62F4F50-2461-40BC-A95C-A333689E6221}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{EBF48773-2BE8-4386-9B9A-40A4725F1D49}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EE91A145-696F-47D4-AC8B-114562F62441}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{F30BCE3B-38D4-40EE-9972-6A642D149F27}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F31C165D-B12D-4DED-835E-F4ADF0F1A4FD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F9873599-AB96-4239-AA50-C580CA949F1D}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher | 
"{FF7DD0FA-EE0C-4215-A733-47750901003C}" = lport=6983 | protocol=6 | dir=in | name=league of legends launcher | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CE9F62-8F21-477C-8DD9-2F13076C7E89}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe | 
"{0501B4BE-D0B7-4B12-B894-3784D6624047}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{050DFEF8-DE65-4F08-82F7-0EA870CBA7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\launchpad.exe | 
"{05DA680E-D6CD-4A49-820C-320A99B7D5FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0795292B-9D03-4C30-A11C-528724910F5C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{0D68B11C-C8A2-4A1A-941A-DD4772E0352B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{104D575B-E16F-4A49-863A-4267E674154A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{1060964F-A81E-45FF-A4DE-D7A49CB5603E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{11E7CF78-0D76-4267-9A7E-93CC8D2FAC19}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{1784E630-BC49-4A9A-AC2F-079BC3FE378E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1939B3CC-6B20-441F-B449-12EC56F93BFD}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{1ABA5C6B-9016-45E9-8B68-4A55256B6AAC}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{1B89B5F2-EC6B-45E7-B78A-7AF4FB0910E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 
"{1BAAC1FA-50E4-49A0-90BC-1514F4E3B64B}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | 
"{1C3A1180-6858-4013-9A63-B62B92D4D746}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\launchpad.exe | 
"{1FF7950D-2F60-4BD6-9A92-D5CFE3C5B06A}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | 
"{242A0055-1DFA-4203-BBEA-793F92395C7C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{24797358-A6A4-495D-94DB-AA5C4F3EA8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{25B65603-FBF5-4A2F-B365-F0A528F63F91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{27ED5A51-9735-4F94-9133-510B27755ABE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{28963599-C5D6-42A9-8BE2-A31E062F8C89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2BD1C1E5-2200-48FE-BDAD-1A5D9DD2AD75}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 
"{315B66BC-2C47-48EC-B8EB-46BDBD3C8423}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{31A389AA-F1A4-4767-8B1E-BA40D045172B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{33F1602A-F726-4836-97A9-FE026D119B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{3497AD8B-B89E-4524-A365-95F7EF7DB961}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{36CB8E5B-AA35-4659-A508-F4F1F814AF75}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{3855313D-A5E1-49E2-BEDD-71A6B430D5B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3C761C60-2383-44AC-8395-4AAA272F1FDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3D543720-D068-454C-BCCD-691044483A33}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{3D7EFC27-A062-411B-AF94-354E8A6CC057}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{40C5AFE2-492E-48A1-A1E9-BE71FE079AE7}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 
"{49E773CE-59CF-4DD7-A1D2-DD52182C263B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe | 
"{4A6EDC29-DE54-42EE-8B92-ECEED0D98B2B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{4EFEFDA6-02E6-4F64-A9BF-9215F6AF17F4}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 
"{4F27898D-F96F-48FF-BB99-7C9872F9B3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{4FE6A47A-7399-4E9C-BCA3-F58E361EAE7E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{52164FC6-CBE3-427F-B4F8-FBF0608386C3}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 
"{57393DA3-FE53-491F-B234-3311699FF39E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{57926FE9-BA39-498D-B4B2-08C44B1CF92A}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | 
"{597B8CD7-64A4-43C9-8E67-9BB0EF0C2855}" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\temp\dsoclient\dlcache\app.n3app | 
"{597F0474-BA20-41D2-8A62-F5D7F6B83040}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{5A80A6CF-E995-4157-9053-1748062EB420}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 
"{63133D4D-5CC3-4D37-BEC7-7413B0507FC6}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 
"{64E5E696-2A58-4013-A4CC-90C38AC21EB5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{68789345-4319-4203-99BF-59635931A7AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6889F153-5516-4764-B227-1C85B3C3E83C}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | 
"{68BF4AA2-1E6E-4A34-88CA-7A46C502241F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{696549A3-88D7-40A7-8DCD-09846FD82CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe | 
"{6AC2E378-9AA1-4888-8CD0-715F175400FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 
"{70ED8950-62DE-4D31-9FB6-74C521FA8D23}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 
"{7161B04F-D5F8-4FC6-AF1F-7C09190DF2DF}" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 
"{718A8C92-1919-4D51-B86A-D3C85706A491}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{73CD368C-4B76-4447-84B9-AE5114629BE9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{74BF69AA-73E8-48C8-AA70-055B4AF769C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{753BD24F-2EFC-48DF-A379-AFC742AB10CE}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 
"{7547687C-4451-421B-90C1-F05BACA0A480}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{773C7D17-8012-41A2-B765-00C421BDFD9B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7854D711-79CB-45B2-B9EC-92C4BF00B5EF}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{7DA3E4D5-A551-4F57-8917-DCF7C78026F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{805A44F7-3CE2-49FE-929A-F8710968D515}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe | 
"{80616713-BDDB-4EF3-B6FF-81D6CE40FCBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 
"{8247C900-2345-4947-B2AB-44A3A0E43EEF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | 
"{83D64BC9-0D51-4FF1-AEB2-EE2E9166827E}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 
"{8697C832-640C-4633-AE47-BFFED310FB25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{86EF19E6-E150-4071-A769-0E9A44375BD2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8AACD64C-F619-440D-A7F3-018241EBD3E3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{8BB0EC09-BE9D-4511-B8A4-888A19F6965F}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{8DFE1010-0A44-40D6-87AF-C793350968B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | 
"{8FFBED1B-8D61-4D08-9D42-C5897D2E21DC}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | 
"{9277E971-CB42-4908-A5B0-E52EDB4F6310}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{956030B7-A514-488F-9767-593A03006E22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9750FD30-92A1-495C-8027-83048CEDE7F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{9DCF6BE8-6473-4AAF-B742-B7BD2A51F62A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A6F7608A-5CF8-413D-92A9-0A7C25AE1D84}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | 
"{A9B8B711-5E0C-4EB0-B9C3-15625C1948A4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{AD55CAC3-AF5E-4C1C-BB4E-B133B1AFFEF0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 
"{B2656BF4-7156-470F-9361-A844FF651B93}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | 
"{B30DDDDD-CC9D-45E5-8672-0D7B70E87BAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B396C143-DDA3-4C72-AB5E-97B7880FF0CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B605EF6D-1012-4621-905E-9EE7C721BD98}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{B779DEB5-DEAC-4613-8F4E-B4F0BAA48F14}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 
"{BAC55FA5-4DAC-4F38-AC9F-5A036D9E4C19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{BC4CC9D6-90FF-4EB6-A679-604FF0B0A7E6}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{BDB59922-D653-4384-B0E1-CA8FA7EDC2AC}" = protocol=6 | dir=out | app=system | 
"{C1B8ED49-E4B6-4289-852E-A0E2E6310859}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C5608C48-99B3-49F1-9D31-24EEC0BEAF7E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{C80AB867-A94A-45A1-AF73-C4099C08A10C}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | 
"{C8CD2CD2-0F58-4A45-AFDB-30EB26737894}" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 
"{C9488741-7C88-4F78-9565-61F82ECE6690}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | 
"{C9D88F28-B063-464C-8767-89249131CA13}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe | 
"{CA0FAEDE-3530-4F8D-BD90-7C9D945FA55E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CD48E4D2-21DC-4B1C-92F3-BF399FEDA924}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{D21F1DE8-8C88-4158-BB38-E211389EBDB8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{D2E80A6F-84B3-4875-8E87-F38C6A817103}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D50DE0FA-5629-4990-8342-6F7E471123BE}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{D79E15BC-C53B-43F4-9F36-5504F51973B5}" = protocol=17 | dir=in | app=c:\users\torben\desktop\neuer ordner (3)\crossfire0212downloader.exe | 
"{D7C52228-2583-43FF-A4EC-9876E772AB2F}" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\temp\dsoclient\dlcache\app.n3app | 
"{D88ABBEE-533B-40A2-8D06-47A14780DDE6}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{DA780C7C-45A9-42AB-AEE2-11FFEE60B7A4}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 
"{DCFD0158-AECB-45AE-BCFB-BFE78E3A3237}" = protocol=6 | dir=in | app=c:\users\torben\desktop\neuer ordner (3)\crossfire0212downloader.exe | 
"{DDCEBF27-3A3A-4C46-9C05-5A9CD089924B}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{DF0AFC34-3122-4BB4-88E4-A770A7757978}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe | 
"{E0A51E6D-D0A5-4296-84D4-006A1421CD4E}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{E4844C78-6ADB-44F4-A4E1-193066203B86}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 2142 deluxe edition\bf2142.exe | 
"{E6DC6377-8A18-439B-8566-EC034D5A7736}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 
"{E9B4BF86-F737-4AC9-982A-C2B0006B091C}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | 
"{EA713467-DB4B-4E49-BA1B-5B5130E05525}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe | 
"{EA9C0D59-0F85-4B08-B035-E71D32EDFDD1}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | 
"{EC3EE6EC-212E-490E-A644-0C855D89604B}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | 
"{EE8C36DF-0DD5-43FC-AAAE-23B234E68AD3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F00CC597-B528-436E-BAD5-EFF52D34F12E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F0B159E1-6461-407D-B41D-3774E57C26AE}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{F575D914-635F-4506-94F2-ED0ADBDA9F5B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FC29932C-C447-49BA-A83A-9C6E90245DEF}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe | 
"{FD1CEC41-06FF-4E57-91CF-A9669A6742BC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"TCP Query User{013BD469-296C-4999-A301-18F674E14B6C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"TCP Query User{071BDCE3-897E-430E-B740-88AFCF52EF66}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{12F77557-9780-4CC8-A598-1C826669F7C0}C:\users\torben\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{1C6355E4-CC74-486D-A057-4CAF6E8FBD65}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"TCP Query User{215715ED-32EF-4FE6-B9EA-BE0FADCC3502}C:\program files (x86)\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"TCP Query User{32B9916E-B8DD-4776-A214-1C6C2B37CB6C}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{439BFE98-04EC-498E-9BC4-BE3D738567BF}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 
"TCP Query User{48F7BE26-A1BE-49C6-9794-CF07E89F4420}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"TCP Query User{4926DE7A-83A2-41AC-B4BF-64A3266BD5FD}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{60360D32-A0B9-4133-B394-E5D977108424}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{7508825E-8D3D-41E9-8612-422E3449EB00}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"TCP Query User{80230FDF-ABB6-461A-B32E-852B09AF53DA}C:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe | 
"TCP Query User{8780FD61-871D-450E-BCE5-8099F55E4D1E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{9EA9BD35-2C27-44C3-9819-76B3DDB7E545}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe | 
"TCP Query User{A086B318-49BB-4941-8C5E-B92A9A4388CA}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{ACF70296-80B8-49C2-A586-C19CFDF1104E}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{B957EF92-F9BE-477F-9613-9BF49BEFB616}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"TCP Query User{E4592E34-F26C-46CE-9E83-C2794C5C1572}C:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | 
"TCP Query User{F692D229-C9CB-4F6D-BCC7-4D33B9350862}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd | 
"UDP Query User{00B94BF5-2078-4572-AC35-E48658676CAE}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd | 
"UDP Query User{0326ED2D-EFCC-44F3-8ABE-4B0CA991D817}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{0648C508-40C9-4872-A169-189E8F8AAFC1}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{26EF5361-E150-4DEF-BA08-D91E66097120}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{315BAA19-9EBC-48EC-9711-30CC3725DF2E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{3C2CBD05-0EEF-417F-9B27-241441CBD82D}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"UDP Query User{3D9587C8-757C-45AB-8C2D-285D1B942184}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{5B0746FF-9A97-4036-97D0-3A40D14E2BA5}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{6A6713CC-EBB7-4797-8220-1876E2630B6C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{7036E19B-3AD6-4679-9AF5-9C5CD0544908}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | 
"UDP Query User{735F0758-9319-4E86-8347-27DDF780ABBE}C:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bullet run\binaries\win32\bulletrun.exe | 
"UDP Query User{8AF6851F-C798-4599-8F33-2AB4AC046053}C:\program files (x86)\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"UDP Query User{9411B73D-C08A-463A-A82E-746B6FFC9ADD}C:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | 
"UDP Query User{9D9B1490-44EE-4667-A65F-2FBB6D04DA68}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 
"UDP Query User{9EAFFFF2-255F-4B25-A811-5219E9C3CCF7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{BC66C354-15B3-4582-9EC5-B84E067EFB90}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"UDP Query User{CD091CAC-2AC8-4088-AF93-5880F39F3C0E}C:\program files (x86)\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\program files (x86)\alaplaya\loco\system\loco.exe | 
"UDP Query User{CE7C713C-EC7E-4008-8F50-E4AA875CB2DD}C:\users\torben\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\torben\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{FF9CB116-D5A5-4AFC-B609-94A52FD9B301}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D237D67F-E77C-4D9E-AA66-8B7A821C215F}" = MFC RunTime files x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON BX525WD Series" = EPSON BX525WD Series Printer Uninstall
"GIMP-2_is1" = GIMP 2.8.0
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = HALO 2 FÜR WINDOWS VISTA
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E9ADAB4-74DE-4362-8DB9-E2E86176C73B}_is1" = Mod Installer 1.1 Risugami ohen beta Kanten Version 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista
"{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{525E2229-6693-40E6-8FBE-FF4E5F8D7AF7}_is1" = Modinstaller für Minecraft 1.3.2 Version 2.0
"{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor
"{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese
"{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian
"{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}" = Global Agenda Launcher
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{765AD336-1219-478F-97E8-2D23FBE70981}" = MAGIX Video deluxe 16 Plus Sonderedition Download-Version
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish
"{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German
"{7E079E23-77CB-4AA4-A335-5D6DF9143720}" = FireArc Arcade
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1" = Minecraft Note Block Studio version 3.1.3
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard
"{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = Ontrack EasyRecovery DataRecovery Trial
"{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center Localization All
"{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian
"{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light
"{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek
"{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DAC69A3A-89E6-4B70-B486-B974C2C95BE9}" = HD Writer AE 4.0
"{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian
"{DB318841-F512-49DF-999B-2A6AEDA9E13A}" = Samorost 2
"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"AbiWord2" = AbiWord 2.9.2
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Any Video Converter_is1" = Any Video Converter 3.2.7
"Audacity_is1" = Audacity 2.0
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"dlancockpit" = devolo dLAN Cockpit
"dlanconf" = devolo dLAN-Konfigurationsassistent
"Drakensang Online" = Drakensang Online
"dslmon" = devolo Informer
"EPSON BX525WD Series Network Guide" = EPSON BX525WD Series Netzwerk-Handbuch
"Finale 2011 Demo" = Finale 2011 Demo
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"Free Audio Converter_is1" = Free Audio Converter version 5.0.4.1228
"Free YouTube Download_is1" = Free YouTube Download version 3.1.39.1015
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.32.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Game Booster_is1" = Game Booster 3
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"Halo 2" = HALO 2 FÜR WINDOWS VISTA
"Hard Truck Apocalypse_is1" = Hard Truck Apocalypse
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"League of Legends_is1" = League of Legends
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX_MSI_Videodeluxe16_plus" = MAGIX Video deluxe 16 Plus Sonderedition Download-Version
"MediaCoder" = MediaCoder 0.7.5.4720
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"RocketDock_is1" = RocketDock 1.3.5
"Security Task Manager" = Security Task Manager 1.8d
"Steam App 17050" = Global Agenda - Demo
"Steam App 211880" = Bullet Run
"Steam App 400" = Portal
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Uninstall_is1" = Uninstall 1.0.0.1
"Usenet.nl_is1" = Usenet.nl
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4146755390-1899032672-475610802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.09.2011 09:37:47 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
 mDNS_reentrancy (0)
 
Error - 16.09.2011 09:37:47 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 
!= mDNS_reentrancy (0)
 
Error - 16.09.2011 13:05:46 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
 mDNS_reentrancy (0)
 
Error - 16.09.2011 13:05:46 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 
!= mDNS_reentrancy (0)
 
Error - 17.09.2011 08:59:36 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
 mDNS_reentrancy (0)
 
Error - 17.09.2011 08:59:36 | Computer Name = Torben-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) 
!= mDNS_reentrancy (0)
 
Error - 17.09.2011 09:43:05 | Computer Name = Torben-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0033a5e8  ID des fehlerhaften
 Prozesses: 0x1bd0  Startzeit der fehlerhaften Anwendung: 0x01cc753a6e9339ee  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe
Berichtskennung:
 f81aa74e-e132-11e0-a401-00262d8796ce
 
Error - 17.09.2011 09:43:09 | Computer Name = Torben-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0033a5e8  ID des fehlerhaften
 Prozesses: 0x1bd0  Startzeit der fehlerhaften Anwendung: 0x01cc753a6e9339ee  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe
Berichtskennung:
 fa87dfd7-e132-11e0-a401-00262d8796ce
 
Error - 17.09.2011 13:48:11 | Computer Name = Torben-PC | Source = Application Hang | ID = 1002
Description = Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1e00    Startzeit: 01cc7561f104f95f    Endzeit: 0    Anwendungspfad: 
C:\Windows\system32\NOTEPAD.EXE    Berichts-ID: 332c46fa-e155-11e0-a401-00262d8796ce

 
Error - 17.09.2011 13:48:37 | Computer Name = Torben-PC | Source = Application Hang | ID = 1002
Description = Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1194    Startzeit: 01cc7562006ac85a    Endzeit: 10    Anwendungspfad:
 C:\Windows\system32\NOTEPAD.EXE    Berichts-ID: 4387c0b2-e155-11e0-a401-00262d8796ce

 
[ Media Center Events ]
Error - 21.04.2012 11:53:55 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 17:53:55 - Fehler beim Herstellen der Internetverbindung.  17:53:55 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.04.2012 11:54:14 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 17:54:01 - Fehler beim Herstellen der Internetverbindung.  17:54:01 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.04.2012 12:54:21 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 18:54:21 - Fehler beim Herstellen der Internetverbindung.  18:54:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.04.2012 12:54:27 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 18:54:27 - Fehler beim Herstellen der Internetverbindung.  18:54:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 24.04.2012 09:41:31 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:41:31 - Fehler beim Herstellen der Internetverbindung.  15:41:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 24.04.2012 09:41:54 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:41:36 - Fehler beim Herstellen der Internetverbindung.  15:41:36 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.05.2012 09:10:05 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:10:05 - Fehler beim Herstellen der Internetverbindung.  15:10:05 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.05.2012 09:10:16 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:10:11 - Fehler beim Herstellen der Internetverbindung.  15:10:11 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.05.2012 09:02:38 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:02:38 - Fehler beim Herstellen der Internetverbindung.  15:02:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.05.2012 09:03:31 | Computer Name = Torben-PC | Source = MCUpdate | ID = 0
Description = 15:03:25 - Fehler beim Herstellen der Internetverbindung.  15:03:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 04.11.2012 12:30:46 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 04.11.2012 12:40:46 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 04.11.2012 12:50:46 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 04.11.2012 13:00:46 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 04.11.2012 13:10:46 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 04.11.2012 13:15:35 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 05.11.2012 09:35:21 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 05.11.2012 15:28:25 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 06.11.2012 07:32:21 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 07.11.2012 09:07:38 | Computer Name = Torben-PC | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
Eigentlich habe ich Combat Arms gelöscht.

Alt 07.11.2012, 16:34   #7
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Habs ausversehen zweimal gepostet. Habe die Löschfunktion nicht gefunden
Geändert von Schnitzelfre (07.11.2012 um 16:48 Uhr)

Alt 07.11.2012, 16:58   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Warum du aber Virenbefall befürchtest ist immer noch nicht so ganz plausibel begründet - man wacht nicht eines morgens auf und prüft wie oft die csrss.exe läuft
Was genau ist also der Auslöser?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 07.11.2012, 17:41   #9
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Wie gesagt wegen der Steam.exe. Wenn ich den Computer herunterfahren wollte, stand dort immer, dass die Steam.exe geschlossen werden muss und kurze Zeit später ging er aus. Dann ist mir aufgefallen, dass der normale Task Manager von Windows die Prozesse nicht mehr anzeigt, was er soweit ich weiß mal getan hat. Also nicht weil mein Computer Virenbefall gemeldet hat oder so.

Alt 07.11.2012, 21:15   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 07.11.2012, 21:58   #11
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Habe ich etwa Viren auf dem PC ? Morgen kommen dann die Auswertungen.

Alt 07.11.2012, 22:13   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Zitat:
Habe ich etwa Viren auf dem PC ? Morgen kommen dann die Auswertungen.
Daraf versuche ich ja eine Antwort zu finden!
Ohne Logs geht das nicht!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.11.2012, 12:23   #13
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Hier die TDSSKILLER Auswertung
Code:
ATTFilter
12:19:56.0053 7104  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:19:56.0176 7104  ============================================================
12:19:56.0176 7104  Current date / time: 2012/11/08 12:19:56.0176
12:19:56.0176 7104  SystemInfo:
12:19:56.0176 7104  
12:19:56.0176 7104  OS Version: 6.1.7601 ServicePack: 1.0
12:19:56.0176 7104  Product type: Workstation
12:19:56.0176 7104  ComputerName: TORBEN-PC
12:19:56.0177 7104  UserName: Torben
12:19:56.0177 7104  Windows directory: C:\Windows
12:19:56.0177 7104  System windows directory: C:\Windows
12:19:56.0177 7104  Running under WOW64
12:19:56.0177 7104  Processor architecture: Intel x64
12:19:56.0177 7104  Number of processors: 4
12:19:56.0177 7104  Page size: 0x1000
12:19:56.0177 7104  Boot type: Normal boot
12:19:56.0177 7104  ============================================================
12:19:56.0940 7104  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:19:56.0946 7104  ============================================================
12:19:56.0946 7104  \Device\Harddisk0\DR0:
12:19:56.0947 7104  MBR partitions:
12:19:56.0947 7104  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
12:19:56.0947 7104  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x490B52B0
12:19:56.0947 7104  ============================================================
12:19:57.0074 7104  C: <-> \Device\Harddisk0\DR0\Partition2
12:19:57.0074 7104  ============================================================
12:19:57.0074 7104  Initialize success
12:19:57.0074 7104  ============================================================
12:19:57.0927 3496  ============================================================
12:19:57.0927 3496  Scan started
12:19:57.0927 3496  Mode: Manual; 
12:19:57.0927 3496  ============================================================
12:19:59.0405 3496  ================ Scan system memory ========================
12:19:59.0405 3496  System memory - ok
12:19:59.0405 3496  ================ Scan services =============================
12:20:00.0520 3496  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:20:00.0523 3496  1394ohci - ok
12:20:00.0617 3496  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:20:00.0620 3496  ACPI - ok
12:20:00.0676 3496  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:20:00.0676 3496  AcpiPmi - ok
12:20:01.0249 3496  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:20:01.0250 3496  AdobeARMservice - ok
12:20:01.0638 3496  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:20:01.0640 3496  AdobeFlashPlayerUpdateSvc - ok
12:20:01.0781 3496  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:20:01.0785 3496  adp94xx - ok
12:20:01.0922 3496  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:20:01.0925 3496  adpahci - ok
12:20:02.0012 3496  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:20:02.0013 3496  adpu320 - ok
12:20:02.0050 3496  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:20:02.0051 3496  AeLookupSvc - ok
12:20:02.0160 3496  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:20:02.0165 3496  AFD - ok
12:20:02.0410 3496  [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:20:02.0411 3496  AgereModemAudio - ok
12:20:02.0578 3496  [ A6AB6F0ACE87DA76B4C401813D18BE95 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
12:20:02.0590 3496  AgereSoftModem - ok
12:20:02.0669 3496  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:20:02.0670 3496  agp440 - ok
12:20:02.0746 3496  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:20:02.0747 3496  ALG - ok
12:20:02.0852 3496  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:20:02.0852 3496  aliide - ok
12:20:02.0963 3496  [ 41A0813F22D3330C0CA71CE5BBD42B12 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:20:02.0965 3496  AMD External Events Utility - ok
12:20:03.0063 3496  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:20:03.0063 3496  amdide - ok
12:20:03.0151 3496  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:20:03.0152 3496  AmdK8 - ok
12:20:03.0236 3496  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:20:03.0237 3496  AmdPPM - ok
12:20:03.0331 3496  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:20:03.0332 3496  amdsata - ok
12:20:03.0432 3496  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:20:03.0434 3496  amdsbs - ok
12:20:03.0495 3496  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:20:03.0496 3496  amdxata - ok
12:20:03.0541 3496  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
12:20:03.0542 3496  AmUStor - ok
12:20:03.0599 3496  Scan interrupted by user!
12:20:03.0599 3496  ================ Scan global ===============================
12:20:03.0599 3496  Scan interrupted by user!
12:20:03.0599 3496  ================ Scan MBR ==================================
12:20:03.0599 3496  Scan interrupted by user!
12:20:03.0599 3496  ================ Scan VBR ==================================
12:20:03.0599 3496  Scan interrupted by user!
12:20:03.0599 3496  ============================================================
12:20:03.0599 3496  Scan finished
12:20:03.0599 3496  ============================================================
12:20:03.0610 0164  Detected object count: 0
12:20:03.0610 0164  Actual detected object count: 0
12:20:35.0545 2180  ============================================================
12:20:35.0545 2180  Scan started
12:20:35.0545 2180  Mode: Manual; SigCheck; TDLFS; 
12:20:35.0545 2180  ============================================================
12:20:37.0272 2180  ================ Scan system memory ========================
12:20:37.0272 2180  System memory - ok
12:20:37.0272 2180  ================ Scan services =============================
12:20:37.0724 2180  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:20:37.0787 2180  1394ohci - ok
12:20:37.0831 2180  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:20:37.0845 2180  ACPI - ok
12:20:38.0124 2180  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:20:38.0151 2180  AcpiPmi - ok
12:20:38.0630 2180  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:20:38.0650 2180  AdobeARMservice - ok
12:20:39.0230 2180  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:20:39.0247 2180  AdobeFlashPlayerUpdateSvc - ok
12:20:39.0406 2180  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:20:39.0424 2180  adp94xx - ok
12:20:39.0548 2180  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:20:39.0584 2180  adpahci - ok
12:20:39.0626 2180  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:20:39.0638 2180  adpu320 - ok
12:20:39.0709 2180  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:20:39.0750 2180  AeLookupSvc - ok
12:20:39.0864 2180  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:20:39.0895 2180  AFD - ok
12:20:40.0058 2180  [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:20:40.0079 2180  AgereModemAudio - ok
12:20:40.0282 2180  [ A6AB6F0ACE87DA76B4C401813D18BE95 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
12:20:40.0314 2180  AgereSoftModem - ok
12:20:40.0350 2180  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:20:40.0362 2180  agp440 - ok
12:20:40.0405 2180  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:20:40.0422 2180  ALG - ok
12:20:40.0455 2180  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:20:40.0470 2180  aliide - ok
12:20:40.0523 2180  [ 41A0813F22D3330C0CA71CE5BBD42B12 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:20:40.0548 2180  AMD External Events Utility - ok
12:20:40.0744 2180  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:20:40.0765 2180  amdide - ok
12:20:40.0811 2180  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:20:40.0826 2180  AmdK8 - ok
12:20:40.0874 2180  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:20:40.0892 2180  AmdPPM - ok
12:20:40.0936 2180  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:20:40.0950 2180  amdsata - ok
12:20:41.0014 2180  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:20:41.0039 2180  amdsbs - ok
12:20:41.0077 2180  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:20:41.0095 2180  amdxata - ok
12:20:41.0135 2180  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
12:20:41.0152 2180  AmUStor - ok
12:20:41.0192 2180  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
12:20:41.0217 2180  androidusb - ok
12:20:41.0327 2180  [ 9815014F3E30357168DA272088C6F12F ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
12:20:41.0339 2180  ApfiltrService - ok
12:20:41.0496 2180  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:20:41.0556 2180  AppID - ok
12:20:41.0619 2180  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:20:41.0662 2180  AppIDSvc - ok
12:20:41.0774 2180  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:20:41.0827 2180  Appinfo - ok
12:20:42.0101 2180  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:20:42.0116 2180  Apple Mobile Device - ok
12:20:42.0194 2180  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:20:42.0212 2180  arc - ok
12:20:42.0291 2180  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:20:42.0310 2180  arcsas - ok
12:20:42.0807 2180  aspnet_state - ok
12:20:42.0865 2180  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:20:42.0921 2180  AsyncMac - ok
12:20:43.0019 2180  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:20:43.0040 2180  atapi - ok
12:20:43.0502 2180  [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:20:43.0542 2180  athr - ok
12:20:44.0665 2180  [ 37456BE85384E4CC38DC899F07F88C45 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:20:44.0737 2180  atikmdag - ok
12:20:45.0104 2180  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:20:45.0158 2180  AudioEndpointBuilder - ok
12:20:45.0178 2180  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:20:45.0220 2180  AudioSrv - ok
12:20:45.0665 2180  [ 6C9D5BADC8F83D410A278717C2EEA6F6 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
12:20:45.0689 2180  AVP - ok
12:20:45.0750 2180  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:20:45.0785 2180  AxInstSV - ok
12:20:45.0991 2180  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:20:46.0023 2180  b06bdrv - ok
12:20:46.0154 2180  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:20:46.0180 2180  b57nd60a - ok
12:20:46.0596 2180  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
12:20:46.0640 2180  BCM43XX - ok
12:20:46.0722 2180  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:20:46.0748 2180  BDESVC - ok
12:20:46.0815 2180  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:20:46.0864 2180  Beep - ok
12:20:47.0428 2180  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:20:47.0484 2180  BFE - ok
12:20:47.0552 2180  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:20:47.0605 2180  BITS - ok
12:20:47.0664 2180  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:20:47.0680 2180  blbdrive - ok
12:20:47.0943 2180  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:20:47.0968 2180  Bonjour Service - ok
12:20:48.0041 2180  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:20:48.0061 2180  bowser - ok
12:20:48.0116 2180  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:20:48.0135 2180  BrFiltLo - ok
12:20:48.0159 2180  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:20:48.0178 2180  BrFiltUp - ok
12:20:48.0341 2180  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:20:48.0365 2180  Browser - ok
12:20:48.0447 2180  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:20:48.0467 2180  Brserid - ok
12:20:48.0489 2180  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:20:48.0511 2180  BrSerWdm - ok
12:20:48.0581 2180  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:20:48.0608 2180  BrUsbMdm - ok
12:20:48.0625 2180  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:20:48.0638 2180  BrUsbSer - ok
12:20:48.0758 2180  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:20:48.0775 2180  BthEnum - ok
12:20:48.0883 2180  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:20:48.0906 2180  BTHMODEM - ok
12:20:48.0986 2180  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:20:49.0009 2180  BthPan - ok
12:20:49.0260 2180  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
12:20:49.0282 2180  BTHPORT - ok
12:20:49.0406 2180  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:20:49.0457 2180  bthserv - ok
12:20:49.0536 2180  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
12:20:49.0551 2180  BTHUSB - ok
12:20:49.0602 2180  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:20:49.0648 2180  cdfs - ok
12:20:49.0750 2180  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:20:49.0772 2180  cdrom - ok
12:20:49.0876 2180  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:20:49.0924 2180  CertPropSvc - ok
12:20:50.0022 2180  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:20:50.0048 2180  circlass - ok
12:20:50.0162 2180  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:20:50.0193 2180  CLFS - ok
12:20:50.0674 2180  [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_DB37F995 C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe
12:20:50.0698 2180  CLKMSVC10_DB37F995 - ok
12:20:50.0751 2180  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:20:50.0763 2180  clr_optimization_v2.0.50727_32 - ok
12:20:51.0159 2180  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:20:51.0177 2180  clr_optimization_v2.0.50727_64 - ok
12:20:51.0505 2180  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:20:51.0523 2180  clr_optimization_v4.0.30319_32 - ok
12:20:51.0645 2180  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:20:51.0665 2180  clr_optimization_v4.0.30319_64 - ok
12:20:51.0703 2180  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:20:51.0720 2180  CmBatt - ok
12:20:51.0735 2180  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:20:51.0748 2180  cmdide - ok
12:20:51.0883 2180  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:20:51.0921 2180  CNG - ok
12:20:52.0042 2180  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:20:52.0063 2180  Compbatt - ok
12:20:52.0138 2180  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:20:52.0166 2180  CompositeBus - ok
12:20:52.0191 2180  COMSysApp - ok
12:20:52.0253 2180  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:20:52.0275 2180  crcdisk - ok
12:20:52.0370 2180  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:20:52.0395 2180  CryptSvc - ok
12:20:52.0697 2180  [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc    C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
12:20:52.0712 2180  DAUpdaterSvc - ok
12:20:52.0818 2180  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:20:52.0870 2180  DcomLaunch - ok
12:20:52.0912 2180  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:20:52.0950 2180  defragsvc - ok
12:20:53.0632 2180  [ D17845A5385BFCB838CDC532AF5E3E47 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
12:20:53.0689 2180  DevoloNetworkService - ok
12:20:53.0919 2180  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:20:53.0970 2180  DfsC - ok
12:20:54.0179 2180  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:20:54.0238 2180  Dhcp - ok
12:20:54.0292 2180  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:20:54.0354 2180  discache - ok
12:20:54.0493 2180  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:20:54.0516 2180  Disk - ok
12:20:55.0119 2180  [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr         C:\Windows\syswow64\Drivers\DKbFltr.sys
12:20:55.0133 2180  DKbFltr - ok
12:20:55.0198 2180  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:20:55.0221 2180  Dnscache - ok
12:20:55.0303 2180  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:20:55.0355 2180  dot3svc - ok
12:20:55.0553 2180  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:20:55.0612 2180  DPS - ok
12:20:55.0688 2180  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:20:55.0715 2180  drmkaud - ok
12:20:55.0839 2180  dump_wmimmc - ok
12:20:56.0168 2180  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:20:56.0210 2180  DXGKrnl - ok
12:20:56.0372 2180  EagleX64 - ok
12:20:56.0463 2180  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:20:56.0518 2180  EapHost - ok
12:20:57.0345 2180  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:20:57.0396 2180  ebdrv - ok
12:20:57.0448 2180  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
12:20:57.0464 2180  EFS - ok
12:20:57.0801 2180  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:20:57.0832 2180  ehRecvr - ok
12:20:57.0874 2180  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:20:57.0887 2180  ehSched - ok
12:20:58.0077 2180  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:20:58.0113 2180  elxstor - ok
12:20:58.0516 2180  [ FB67AA8AC61B9365ADD546139A21BED6 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:20:58.0549 2180  ePowerSvc - ok
12:20:58.0792 2180  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
12:20:58.0799 2180  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
12:20:58.0799 2180  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
12:20:58.0964 2180  [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
12:20:58.0985 2180  EPSON_EB_RPCV4_04 - ok
12:20:59.0074 2180  [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
12:20:59.0093 2180  EPSON_PM_RPCV4_04 - ok
12:20:59.0126 2180  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:20:59.0146 2180  ErrDev - ok
12:20:59.0304 2180  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:20:59.0381 2180  EventSystem - ok
12:20:59.0434 2180  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:20:59.0489 2180  exfat - ok
12:20:59.0535 2180  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:20:59.0594 2180  fastfat - ok
12:20:59.0762 2180  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:20:59.0793 2180  Fax - ok
12:20:59.0866 2180  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:20:59.0889 2180  fdc - ok
12:20:59.0940 2180  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:20:59.0987 2180  fdPHost - ok
12:21:00.0043 2180  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:21:00.0094 2180  FDResPub - ok
12:21:00.0146 2180  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:21:00.0167 2180  FileInfo - ok
12:21:00.0203 2180  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:21:00.0254 2180  Filetrace - ok
12:21:00.0318 2180  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:21:00.0341 2180  flpydisk - ok
12:21:00.0437 2180  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:21:00.0461 2180  FltMgr - ok
12:21:00.0637 2180  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
12:21:00.0678 2180  FontCache - ok
12:21:00.0856 2180  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:21:00.0873 2180  FontCache3.0.0.0 - ok
12:21:00.0933 2180  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:21:00.0955 2180  FsDepends - ok
12:21:00.0996 2180  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:21:01.0014 2180  Fs_Rec - ok
12:21:01.0110 2180  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:21:01.0131 2180  fvevol - ok
12:21:01.0208 2180  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:21:01.0229 2180  gagp30kx - ok
12:21:01.0427 2180  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:21:01.0442 2180  GEARAspiWDM - ok
12:21:01.0494 2180  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:21:01.0555 2180  gpsvc - ok
12:21:01.0851 2180  [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
12:21:01.0887 2180  Greg_Service - ok
12:21:02.0236 2180  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:21:02.0254 2180  gupdate - ok
12:21:02.0391 2180  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:21:02.0409 2180  gupdatem - ok
12:21:02.0582 2180  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:21:02.0602 2180  gusvc - ok
12:21:02.0680 2180  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
12:21:02.0694 2180  hamachi - ok
12:21:03.0214 2180  [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:21:03.0258 2180  Hamachi2Svc - ok
12:21:03.0324 2180  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:21:03.0347 2180  hcw85cir - ok
12:21:03.0525 2180  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:21:03.0554 2180  HdAudAddService - ok
12:21:03.0615 2180  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:21:03.0638 2180  HDAudBus - ok
12:21:03.0740 2180  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:21:03.0757 2180  HECIx64 - ok
12:21:03.0816 2180  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:21:03.0838 2180  HidBatt - ok
12:21:03.0859 2180  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:21:03.0885 2180  HidBth - ok
12:21:03.0958 2180  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:21:03.0982 2180  HidIr - ok
12:21:04.0040 2180  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:21:04.0090 2180  hidserv - ok
12:21:04.0137 2180  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:21:04.0152 2180  HidUsb - ok
12:21:04.0424 2180  [ F2CEC7BA8D068671220026708C12EB84 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
12:21:04.0437 2180  HiPatchService - ok
12:21:04.0481 2180  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:21:04.0539 2180  hkmsvc - ok
12:21:04.0602 2180  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:21:04.0628 2180  HomeGroupListener - ok
12:21:04.0669 2180  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:21:04.0696 2180  HomeGroupProvider - ok
12:21:04.0775 2180  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:21:04.0795 2180  HpSAMD - ok
12:21:04.0961 2180  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:21:05.0016 2180  HTTP - ok
12:21:05.0066 2180  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:21:05.0086 2180  hwpolicy - ok
12:21:05.0197 2180  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:21:05.0220 2180  i8042prt - ok
12:21:05.0468 2180  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:21:05.0492 2180  IAANTMON - ok
12:21:05.0647 2180  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:21:05.0673 2180  iaStor - ok
12:21:05.0838 2180  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:21:05.0870 2180  iaStorV - ok
12:21:05.0998 2180  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:21:06.0005 2180  IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:21:06.0005 2180  IDriverT - detected UnsignedFile.Multi.Generic (1)
12:21:06.0266 2180  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:21:06.0301 2180  idsvc - ok
12:21:07.0544 2180  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:21:07.0619 2180  igfx - ok
12:21:07.0853 2180  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:21:07.0875 2180  iirsp - ok
12:21:08.0009 2180  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:21:08.0064 2180  IKEEXT - ok
12:21:08.0204 2180  [ 36FDF367A1DABFF903E2214023D71368 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
12:21:08.0224 2180  Impcd - ok
12:21:08.0741 2180  [ 42943BB3AB7A405B30EFF7C8283CC129 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:21:08.0793 2180  IntcAzAudAddService - ok
12:21:08.0861 2180  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:21:08.0881 2180  intelide - ok
12:21:08.0973 2180  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:21:08.0996 2180  intelppm - ok
12:21:09.0074 2180  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:21:09.0126 2180  IPBusEnum - ok
12:21:09.0224 2180  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:21:09.0271 2180  IpFilterDriver - ok
12:21:09.0448 2180  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:21:09.0514 2180  iphlpsvc - ok
12:21:09.0570 2180  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:21:09.0591 2180  IPMIDRV - ok
12:21:09.0648 2180  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:21:09.0712 2180  IPNAT - ok
12:21:10.0018 2180  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:21:10.0047 2180  iPod Service - ok
12:21:10.0087 2180  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:21:10.0103 2180  IRENUM - ok
12:21:10.0156 2180  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:21:10.0177 2180  isapnp - ok
12:21:10.0287 2180  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:21:10.0314 2180  iScsiPrt - ok
12:21:10.0474 2180  [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
12:21:10.0494 2180  k57nd60a - ok
12:21:10.0540 2180  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:21:10.0556 2180  kbdclass - ok
12:21:10.0591 2180  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:21:10.0604 2180  kbdhid - ok
12:21:10.0615 2180  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:21:10.0627 2180  KeyIso - ok
12:21:11.0063 2180  [ E656FE10D6D27794AFA08136685A69E8 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
12:21:11.0087 2180  KL1 - ok
12:21:11.0167 2180  [ D865DD8B0448E3F963D68C04C532858F ] kl2             C:\Windows\system32\DRIVERS\kl2.sys
12:21:11.0178 2180  kl2 - ok
12:21:11.0488 2180  [ 8490798365236B6C8E54DEDD27A42D07 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
12:21:11.0513 2180  KLIF - ok
12:21:11.0590 2180  [ 89FB5A33D7171B6D84F5EB721D5055E1 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
12:21:11.0601 2180  KLIM6 - ok
12:21:11.0671 2180  [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
12:21:11.0682 2180  klmouflt - ok
12:21:11.0747 2180  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
12:21:11.0759 2180  KMWDFILTER - ok
12:21:11.0790 2180  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:21:11.0802 2180  KSecDD - ok
12:21:11.0869 2180  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:21:11.0895 2180  KSecPkg - ok
12:21:11.0962 2180  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:21:12.0002 2180  ksthunk - ok
12:21:12.0100 2180  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:21:12.0150 2180  KtmRm - ok
12:21:12.0217 2180  [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
12:21:12.0232 2180  L1E - ok
12:21:12.0319 2180  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:21:12.0364 2180  LanmanServer - ok
12:21:12.0447 2180  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:21:12.0519 2180  LanmanWorkstation - ok
12:21:12.0575 2180  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:21:12.0629 2180  lltdio - ok
12:21:12.0729 2180  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:21:12.0783 2180  lltdsvc - ok
12:21:12.0842 2180  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:21:12.0887 2180  lmhosts - ok
12:21:13.0046 2180  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:21:13.0069 2180  LMS - ok
12:21:13.0137 2180  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:21:13.0152 2180  LSI_FC - ok
12:21:13.0168 2180  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:21:13.0184 2180  LSI_SAS - ok
12:21:13.0260 2180  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:21:13.0279 2180  LSI_SAS2 - ok
12:21:13.0308 2180  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:21:13.0328 2180  LSI_SCSI - ok
12:21:13.0347 2180  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:21:13.0382 2180  luafv - ok
12:21:13.0459 2180  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:21:13.0475 2180  Mcx2Svc - ok
12:21:13.0538 2180  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:21:13.0554 2180  megasas - ok
12:21:13.0650 2180  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:21:13.0679 2180  MegaSR - ok
12:21:13.0742 2180  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:21:13.0799 2180  MMCSS - ok
12:21:13.0832 2180  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:21:13.0881 2180  Modem - ok
12:21:13.0906 2180  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:21:13.0921 2180  monitor - ok
12:21:13.0988 2180  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:21:14.0008 2180  mouclass - ok
12:21:14.0079 2180  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:21:14.0100 2180  mouhid - ok
12:21:14.0166 2180  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:21:14.0189 2180  mountmgr - ok
12:21:14.0268 2180  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:21:14.0290 2180  mpio - ok
12:21:14.0331 2180  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:21:14.0386 2180  mpsdrv - ok
12:21:14.0612 2180  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:21:14.0678 2180  MpsSvc - ok
12:21:14.0742 2180  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:21:14.0776 2180  MRxDAV - ok
12:21:14.0820 2180  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:21:14.0836 2180  mrxsmb - ok
12:21:14.0902 2180  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:21:14.0922 2180  mrxsmb10 - ok
12:21:14.0972 2180  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:21:14.0987 2180  mrxsmb20 - ok
12:21:15.0066 2180  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:21:15.0082 2180  msahci - ok
12:21:15.0136 2180  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:21:15.0156 2180  msdsm - ok
12:21:15.0210 2180  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:21:15.0226 2180  MSDTC - ok
12:21:15.0284 2180  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:21:15.0340 2180  Msfs - ok
12:21:15.0420 2180  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:21:15.0477 2180  mshidkmdf - ok
12:21:15.0515 2180  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:21:15.0525 2180  msisadrv - ok
12:21:15.0628 2180  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:21:15.0690 2180  MSiSCSI - ok
12:21:15.0693 2180  msiserver - ok
12:21:15.0745 2180  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:21:15.0786 2180  MSKSSRV - ok
12:21:15.0813 2180  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:21:15.0852 2180  MSPCLOCK - ok
12:21:15.0873 2180  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:21:15.0906 2180  MSPQM - ok
12:21:16.0020 2180  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:21:16.0046 2180  MsRPC - ok
12:21:16.0093 2180  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:21:16.0109 2180  mssmbios - ok
12:21:16.0164 2180  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:21:16.0216 2180  MSTEE - ok
12:21:16.0234 2180  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:21:16.0246 2180  MTConfig - ok
12:21:16.0321 2180  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:21:16.0336 2180  Mup - ok
12:21:16.0452 2180  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:21:16.0464 2180  mwlPSDFilter - ok
12:21:16.0789 2180  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:21:16.0804 2180  mwlPSDNServ - ok
12:21:16.0924 2180  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:21:16.0938 2180  mwlPSDVDisk - ok
12:21:17.0258 2180  [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
12:21:17.0280 2180  MWLService - ok
12:21:17.0422 2180  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:21:17.0476 2180  napagent - ok
12:21:17.0603 2180  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:21:17.0631 2180  NativeWifiP - ok
12:21:17.0727 2180  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:21:17.0758 2180  NDIS - ok
12:21:17.0810 2180  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:21:17.0849 2180  NdisCap - ok
12:21:17.0893 2180  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:21:17.0933 2180  NdisTapi - ok
12:21:18.0016 2180  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:21:18.0061 2180  Ndisuio - ok
12:21:18.0147 2180  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:21:18.0197 2180  NdisWan - ok
12:21:18.0263 2180  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:21:18.0306 2180  NDProxy - ok
12:21:18.0400 2180  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:21:18.0449 2180  NetBIOS - ok
12:21:18.0533 2180  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:21:18.0588 2180  NetBT - ok
12:21:18.0604 2180  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:21:18.0616 2180  Netlogon - ok
12:21:18.0765 2180  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:21:18.0815 2180  Netman - ok
12:21:18.0893 2180  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:21:18.0947 2180  netprofm - ok
12:21:19.0007 2180  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:21:19.0028 2180  NetTcpPortSharing - ok
12:21:19.0102 2180  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:21:19.0121 2180  nfrd960 - ok
12:21:19.0207 2180  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:21:19.0257 2180  NlaSvc - ok
12:21:19.0341 2180  [ A9F5B160FA004549403D77005928FA45 ] nmwcdcmx64      C:\Windows\system32\drivers\nmwcdcmx64.sys
12:21:19.0362 2180  nmwcdcmx64 - ok
12:21:19.0458 2180  [ 216BDF8B1017BB52692C9EE3C1E50597 ] nmwcdcx64       C:\Windows\system32\drivers\ccdcmbox64.sys
12:21:19.0484 2180  nmwcdcx64 - ok
12:21:19.0565 2180  [ AD8C3895155EE8D057F073856B2D5851 ] nmwcdx64        C:\Windows\system32\drivers\nmwcdx64.sys
12:21:19.0587 2180  nmwcdx64 - ok
12:21:19.0630 2180  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:21:19.0677 2180  Npfs - ok
12:21:20.0778 2180  [ 49697C2C761ACB5C0DE99CC8FE93E95B ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
12:21:20.0795 2180  NPF_devolo - ok
12:21:20.0928 2180  npggsvc - ok
12:21:21.0003 2180  NPPTNT2 - ok
12:21:21.0074 2180  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:21:21.0125 2180  nsi - ok
12:21:21.0151 2180  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:21:21.0186 2180  nsiproxy - ok
12:21:21.0504 2180  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:21:21.0546 2180  Ntfs - ok
12:21:21.0709 2180  [ 14E66F603FB187713AEB02AD3B0390CF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:21:21.0725 2180  NTI IScheduleSvc - ok
12:21:21.0864 2180  [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:21:21.0879 2180  NTIBackupSvc - ok
12:21:21.0994 2180  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:21:22.0009 2180  NTIDrvr - ok
12:21:22.0080 2180  [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:21:22.0095 2180  NTISchedulerSvc - ok
12:21:22.0147 2180  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:21:22.0200 2180  Null - ok
12:21:22.0285 2180  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:21:22.0308 2180  nvraid - ok
12:21:22.0372 2180  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:21:22.0397 2180  nvstor - ok
12:21:22.0446 2180  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:21:22.0466 2180  nv_agp - ok
12:21:22.0761 2180  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:21:22.0790 2180  odserv - ok
12:21:22.0852 2180  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:21:22.0869 2180  ohci1394 - ok
12:21:23.0010 2180  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:21:23.0026 2180  ose - ok
12:21:23.0145 2180  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:21:23.0172 2180  p2pimsvc - ok
12:21:23.0311 2180  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:21:23.0335 2180  p2psvc - ok
12:21:23.0371 2180  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:21:23.0387 2180  Parport - ok
12:21:23.0451 2180  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:21:23.0468 2180  partmgr - ok
12:21:23.0558 2180  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:21:23.0590 2180  PcaSvc - ok
12:21:23.0678 2180  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:21:23.0702 2180  pci - ok
12:21:23.0769 2180  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:21:23.0781 2180  pciide - ok
12:21:23.0883 2180  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:21:23.0911 2180  pcmcia - ok
12:21:23.0954 2180  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:21:23.0970 2180  pcw - ok
12:21:24.0095 2180  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:21:24.0158 2180  PEAUTH - ok
12:21:24.0192 2180  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:21:24.0209 2180  PerfHost - ok
12:21:24.0276 2180  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:21:24.0333 2180  pla - ok
12:21:24.0410 2180  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:21:24.0439 2180  PlugPlay - ok
12:21:24.0557 2180  PnkBstrA - ok
12:21:24.0588 2180  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:21:24.0608 2180  PNRPAutoReg - ok
12:21:24.0722 2180  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:21:24.0742 2180  PNRPsvc - ok
12:21:24.0825 2180  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:21:24.0881 2180  PolicyAgent - ok
12:21:24.0971 2180  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:21:25.0023 2180  Power - ok
12:21:25.0098 2180  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:21:25.0146 2180  PptpMiniport - ok
12:21:25.0203 2180  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:21:25.0227 2180  Processor - ok
12:21:25.0302 2180  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:21:25.0336 2180  ProfSvc - ok
12:21:25.0370 2180  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:21:25.0385 2180  ProtectedStorage - ok
12:21:25.0464 2180  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:21:25.0512 2180  Psched - ok
12:21:25.0698 2180  [ F2EECF8977BD3FE4E38743DDCFBECD20 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:21:25.0708 2180  PxHlpa64 - ok
12:21:26.0078 2180  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:21:26.0114 2180  ql2300 - ok
12:21:26.0208 2180  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:21:26.0236 2180  ql40xx - ok
12:21:26.0280 2180  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:21:26.0299 2180  QWAVE - ok
12:21:26.0315 2180  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:21:26.0331 2180  QWAVEdrv - ok
12:21:26.0382 2180  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:21:26.0417 2180  RasAcd - ok
12:21:26.0484 2180  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:21:26.0546 2180  RasAgileVpn - ok
12:21:26.0618 2180  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:21:26.0661 2180  RasAuto - ok
12:21:26.0739 2180  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:21:26.0785 2180  Rasl2tp - ok
12:21:26.0873 2180  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:21:26.0933 2180  RasMan - ok
12:21:27.0008 2180  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:21:27.0061 2180  RasPppoe - ok
12:21:27.0100 2180  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:21:27.0143 2180  RasSstp - ok
12:21:27.0258 2180  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:21:27.0308 2180  rdbss - ok
12:21:27.0348 2180  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:21:27.0369 2180  rdpbus - ok
12:21:27.0517 2180  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:21:27.0571 2180  RDPCDD - ok
12:21:27.0623 2180  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:21:27.0657 2180  RDPENCDD - ok
12:21:27.0703 2180  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:21:27.0760 2180  RDPREFMP - ok
12:21:27.0834 2180  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:21:27.0858 2180  RDPWD - ok
12:21:27.0997 2180  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:21:28.0023 2180  rdyboost - ok
12:21:28.0126 2180  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:21:28.0182 2180  RemoteAccess - ok
12:21:28.0257 2180  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:21:28.0312 2180  RemoteRegistry - ok
12:21:28.0432 2180  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:21:28.0460 2180  RFCOMM - ok
12:21:28.0524 2180  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:21:28.0568 2180  RpcEptMapper - ok
12:21:28.0625 2180  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:21:28.0641 2180  RpcLocator - ok
12:21:29.0089 2180  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:21:29.0147 2180  RpcSs - ok
12:21:29.0356 2180  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:21:29.0406 2180  rspndr - ok
12:21:30.0246 2180  [ B5A4B7D779CF4070DF408DE18BD33B02 ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
12:21:30.0258 2180  RS_Service ( UnsignedFile.Multi.Generic ) - warning
12:21:30.0258 2180  RS_Service - detected UnsignedFile.Multi.Generic (1)
12:21:30.0415 2180  [ 7421A35C45484B95E83B5E9E107CEFC2 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:21:30.0433 2180  RTHDMIAzAudService - ok
12:21:30.0458 2180  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:21:30.0471 2180  SamSs - ok
12:21:30.0523 2180  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:21:30.0538 2180  sbp2port - ok
12:21:30.0619 2180  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:21:30.0666 2180  SCardSvr - ok
12:21:30.0692 2180  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:21:30.0732 2180  scfilter - ok
12:21:31.0013 2180  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:21:31.0071 2180  Schedule - ok
12:21:31.0118 2180  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:21:31.0162 2180  SCPolicySvc - ok
12:21:31.0181 2180  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:21:31.0194 2180  SDRSVC - ok
12:21:31.0261 2180  [ 3EA8A16169C26AFBEB544E0E48421186 ] Secdrv          C:\Windows\system32\drivers\SECDRV.SYS
12:21:31.0322 2180  Secdrv - ok
12:21:31.0362 2180  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:21:31.0429 2180  seclogon - ok
12:21:31.0499 2180  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:21:31.0557 2180  SENS - ok
12:21:31.0618 2180  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:21:31.0642 2180  SensrSvc - ok
12:21:31.0725 2180  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:21:31.0746 2180  Serenum - ok
12:21:31.0840 2180  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:21:31.0856 2180  Serial - ok
12:21:31.0965 2180  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:21:31.0988 2180  sermouse - ok
12:21:32.0038 2180  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:21:32.0085 2180  SessionEnv - ok
12:21:32.0123 2180  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:21:32.0142 2180  sffdisk - ok
12:21:32.0199 2180  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:21:32.0221 2180  sffp_mmc - ok
12:21:32.0261 2180  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:21:32.0279 2180  sffp_sd - ok
12:21:32.0323 2180  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:21:32.0338 2180  sfloppy - ok
12:21:32.0437 2180  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:21:32.0495 2180  SharedAccess - ok
12:21:32.0650 2180  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:21:32.0707 2180  ShellHWDetection - ok
12:21:32.0752 2180  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:21:32.0766 2180  SiSRaid2 - ok
12:21:32.0842 2180  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:21:32.0858 2180  SiSRaid4 - ok
12:21:33.0013 2180  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:21:33.0030 2180  SkypeUpdate - ok
12:21:33.0066 2180  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:21:33.0118 2180  Smb - ok
12:21:33.0236 2180  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:21:33.0262 2180  SNMPTRAP - ok
12:21:33.0297 2180  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:21:33.0315 2180  spldr - ok
12:21:33.0494 2180  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
12:21:33.0524 2180  Spooler - ok
12:21:34.0277 2180  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:21:34.0352 2180  sppsvc - ok
12:21:34.0443 2180  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:21:34.0499 2180  sppuinotify - ok
12:21:34.0662 2180  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:21:34.0688 2180  srv - ok
12:21:34.0832 2180  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:21:34.0858 2180  srv2 - ok
12:21:34.0966 2180  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:21:34.0989 2180  srvnet - ok
12:21:35.0184 2180  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
12:21:35.0206 2180  ssadbus - ok
12:21:35.0262 2180  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:21:35.0277 2180  ssadmdfl - ok
12:21:35.0360 2180  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
12:21:35.0385 2180  ssadmdm - ok
12:21:35.0667 2180  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
12:21:35.0688 2180  ssadserd - ok
12:21:35.0794 2180  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:21:35.0849 2180  SSDPSRV - ok
12:21:35.0899 2180  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:21:35.0955 2180  SstpSvc - ok
12:21:36.0162 2180  Steam Client Service - ok
12:21:36.0219 2180  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:21:36.0237 2180  stexstor - ok
12:21:36.0347 2180  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:21:36.0384 2180  stisvc - ok
12:21:36.0440 2180  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:21:36.0450 2180  swenum - ok
12:21:36.0524 2180  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:21:36.0575 2180  swprv - ok
12:21:36.0905 2180  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:21:36.0943 2180  SysMain - ok
12:21:37.0184 2180  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:21:37.0220 2180  TabletInputService - ok
12:21:37.0501 2180  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:21:37.0561 2180  TapiSrv - ok
12:21:37.0709 2180  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:21:37.0764 2180  TBS - ok
12:21:38.0389 2180  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:21:38.0436 2180  Tcpip - ok
12:21:38.0680 2180  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:21:38.0719 2180  TCPIP6 - ok
12:21:38.0770 2180  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:21:38.0814 2180  tcpipreg - ok
12:21:38.0865 2180  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:21:38.0879 2180  TDPIPE - ok
12:21:38.0930 2180  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:21:38.0967 2180  TDTCP - ok
12:21:39.0001 2180  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:21:39.0059 2180  tdx - ok
12:21:39.0137 2180  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:21:39.0155 2180  TermDD - ok
12:21:39.0253 2180  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:21:39.0297 2180  TermService - ok
12:21:39.0352 2180  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:21:39.0395 2180  Themes - ok
12:21:39.0441 2180  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:21:39.0480 2180  THREADORDER - ok
12:21:39.0550 2180  [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB        C:\Windows\system32\DRIVERS\tiehdusb.sys
12:21:39.0555 2180  TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
12:21:39.0555 2180  TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
12:21:39.0605 2180  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:21:39.0654 2180  TrkWks - ok
12:21:39.0766 2180  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:21:39.0816 2180  TrustedInstaller - ok
12:21:39.0861 2180  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:21:39.0904 2180  tssecsrv - ok
12:21:40.0003 2180  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:21:40.0023 2180  TsUsbFlt - ok
12:21:40.0123 2180  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:21:40.0172 2180  tunnel - ok
12:21:40.0312 2180  [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
12:21:40.0327 2180  TurboB - ok
12:21:40.0368 2180  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:21:40.0386 2180  uagp35 - ok
12:21:40.0514 2180  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:21:40.0530 2180  UBHelper - ok
12:21:40.0623 2180  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:21:40.0678 2180  udfs - ok
12:21:40.0823 2180  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:21:40.0847 2180  UI0Detect - ok
12:21:40.0875 2180  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:21:40.0889 2180  uliagpkx - ok
12:21:41.0193 2180  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:21:41.0216 2180  umbus - ok
12:21:41.0307 2180  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:21:41.0327 2180  UmPass - ok
12:21:42.0006 2180  [ 765F2DD351BA064F657751D8D75E58C0 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:21:42.0050 2180  UNS - ok
12:21:42.0271 2180  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:21:42.0294 2180  Updater Service - ok
12:21:42.0408 2180  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:21:42.0460 2180  upnphost - ok
12:21:42.0571 2180  [ F49988FBF59413B974B1380D6F743EBC ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
12:21:42.0598 2180  upperdev - ok
12:21:42.0687 2180  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:21:42.0703 2180  USBAAPL64 - ok
12:21:42.0859 2180  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:21:42.0889 2180  usbaudio - ok
12:21:42.0973 2180  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:21:42.0993 2180  usbccgp - ok
12:21:43.0070 2180  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:21:43.0096 2180  usbcir - ok
12:21:43.0183 2180  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:21:43.0205 2180  usbehci - ok
12:21:43.0304 2180  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:21:43.0333 2180  usbhub - ok
12:21:43.0370 2180  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:21:43.0384 2180  usbohci - ok
12:21:43.0468 2180  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:21:43.0500 2180  usbprint - ok
12:21:43.0631 2180  [ 0FE9E048FC762DCAC087CB9EE1680079 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
12:21:43.0661 2180  UsbserFilt - ok
12:21:43.0710 2180  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:21:43.0733 2180  USBSTOR - ok
12:21:43.0798 2180  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:21:43.0816 2180  usbuhci - ok
12:21:43.0950 2180  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:21:43.0980 2180  usbvideo - ok
12:21:44.0042 2180  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:21:44.0089 2180  UxSms - ok
12:21:44.0113 2180  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:21:44.0126 2180  VaultSvc - ok
12:21:44.0207 2180  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
12:21:44.0227 2180  VClone - ok
12:21:44.0305 2180  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:21:44.0321 2180  vdrvroot - ok
12:21:44.0515 2180  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:21:44.0567 2180  vds - ok
12:21:44.0637 2180  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:21:44.0658 2180  vga - ok
12:21:44.0715 2180  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:21:44.0762 2180  VgaSave - ok
12:21:44.0848 2180  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:21:44.0875 2180  vhdmp - ok
12:21:44.0922 2180  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:21:44.0936 2180  viaide - ok
12:21:45.0009 2180  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:21:45.0029 2180  volmgr - ok
12:21:45.0152 2180  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:21:45.0172 2180  volmgrx - ok
12:21:45.0285 2180  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:21:45.0308 2180  volsnap - ok
12:21:45.0425 2180  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:21:45.0442 2180  vsmraid - ok
12:21:45.0656 2180  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:21:45.0706 2180  VSS - ok
12:21:45.0789 2180  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:21:45.0820 2180  vwifibus - ok
12:21:45.0856 2180  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:21:45.0888 2180  vwififlt - ok
12:21:45.0976 2180  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:21:46.0008 2180  vwifimp - ok
12:21:46.0145 2180  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:21:46.0204 2180  W32Time - ok
12:21:46.0287 2180  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:21:46.0310 2180  WacomPen - ok
12:21:46.0412 2180  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:21:46.0475 2180  WANARP - ok
12:21:46.0498 2180  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:21:46.0545 2180  Wanarpv6 - ok
12:21:46.0792 2180  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:21:46.0830 2180  wbengine - ok
12:21:46.0906 2180  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:21:46.0941 2180  WbioSrvc - ok
12:21:46.0993 2180  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:21:47.0022 2180  wcncsvc - ok
12:21:47.0099 2180  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:21:47.0117 2180  WcsPlugInService - ok
12:21:47.0191 2180  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:21:47.0212 2180  Wd - ok
12:21:47.0326 2180  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:21:47.0359 2180  Wdf01000 - ok
12:21:47.0384 2180  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:21:47.0406 2180  WdiServiceHost - ok
12:21:47.0409 2180  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:21:47.0427 2180  WdiSystemHost - ok
12:21:47.0509 2180  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:21:47.0545 2180  WebClient - ok
12:21:47.0635 2180  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:21:47.0681 2180  Wecsvc - ok
12:21:47.0744 2180  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:21:47.0797 2180  wercplsupport - ok
12:21:47.0896 2180  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:21:47.0964 2180  WerSvc - ok
12:21:48.0079 2180  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:21:48.0131 2180  WfpLwf - ok
12:21:48.0173 2180  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:21:48.0194 2180  WIMMount - ok
12:21:48.0248 2180  WinDefend - ok
12:21:48.0254 2180  WinHttpAutoProxySvc - ok
12:21:48.0543 2180  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:21:48.0601 2180  Winmgmt - ok
12:21:49.0006 2180  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
12:21:49.0024 2180  WinRing0_1_2_0 - ok
12:21:49.0514 2180  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:21:49.0595 2180  WinRM - ok
12:21:49.0733 2180  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:21:49.0753 2180  WinUsb - ok
12:21:50.0014 2180  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:21:50.0045 2180  Wlansvc - ok
12:21:50.0195 2180  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:21:50.0206 2180  wlcrasvc - ok
12:21:50.0524 2180  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:21:50.0571 2180  wlidsvc - ok
12:21:50.0885 2180  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:21:50.0904 2180  WmiAcpi - ok
12:21:51.0234 2180  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:21:51.0255 2180  wmiApSrv - ok
12:21:51.0296 2180  WMPNetworkSvc - ok
12:21:51.0391 2180  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:21:51.0415 2180  WPCSvc - ok
12:21:51.0467 2180  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:21:51.0499 2180  WPDBusEnum - ok
12:21:51.0562 2180  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:21:51.0605 2180  ws2ifsl - ok
12:21:51.0683 2180  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
12:21:51.0715 2180  wscsvc - ok
12:21:51.0810 2180  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:21:51.0839 2180  WSDPrintDevice - ok
12:21:51.0932 2180  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
12:21:51.0957 2180  WSDScan - ok
12:21:51.0961 2180  WSearch - ok
12:21:52.0592 2180  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:21:52.0647 2180  wuauserv - ok
12:21:52.0890 2180  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:21:52.0945 2180  WudfPf - ok
12:21:53.0092 2180  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:21:53.0155 2180  WUDFRd - ok
12:21:53.0206 2180  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:21:53.0261 2180  wudfsvc - ok
12:21:53.0364 2180  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:21:53.0397 2180  WwanSvc - ok
12:21:54.0764 2180  X6va008 - ok
12:21:55.0135 2180  [ 74983ADDCA2D9618512C088D856D6615 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
12:21:55.0154 2180  {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
12:21:55.0331 2180  ================ Scan global ===============================
12:21:55.0382 2180  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:21:55.0477 2180  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:21:55.0487 2180  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:21:55.0528 2180  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:21:55.0664 2180  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:21:55.0668 2180  [Global] - ok
12:21:55.0668 2180  ================ Scan MBR ==================================
12:21:55.0691 2180  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:21:57.0569 2180  \Device\Harddisk0\DR0 - ok
12:21:57.0570 2180  ================ Scan VBR ==================================
12:21:57.0619 2180  [ D0BE4B648729379A16868F006BC416EB ] \Device\Harddisk0\DR0\Partition1
12:21:57.0622 2180  \Device\Harddisk0\DR0\Partition1 - ok
12:21:57.0655 2180  [ B759B761937B7659D62FA3C7AC860556 ] \Device\Harddisk0\DR0\Partition2
12:21:57.0658 2180  \Device\Harddisk0\DR0\Partition2 - ok
12:21:57.0659 2180  ============================================================
12:21:57.0659 2180  Scan finished
12:21:57.0659 2180  ============================================================
12:21:57.0662 3952  Detected object count: 4
12:21:57.0662 3952  Actual detected object count: 4
12:22:02.0756 3952  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:02.0756 3952  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:22:02.0757 3952  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:02.0757 3952  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:22:02.0757 3952  RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:02.0757 3952  RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:22:02.0758 3952  TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:02.0758 3952  TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
Und hier die Auswertung von aswMBR
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-08 12:01:44
-----------------------------
12:01:44.546    OS Version: Windows x64 6.1.7601 Service Pack 1
12:01:44.546    Number of processors: 4 586 0x2502
12:01:44.546    ComputerName: TORBEN-PC  UserName: Torben
12:01:46.715    Initialize success
12:05:47.050    AVAST engine defs: 12110800
12:09:18.963    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:09:18.967    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
12:09:18.979    Disk 0 MBR read successfully
12:09:18.983    Disk 0 MBR scan
12:09:18.989    Disk 0 Windows VISTA default MBR code
12:09:18.994    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
12:09:19.007    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 24578048
12:09:19.020    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       598378 MB offset 24782848
12:09:19.062    Disk 0 scanning C:\Windows\system32\drivers
12:09:32.236    Service scanning
12:10:22.360    Modules scanning
12:10:22.371    Disk 0 trace - called modules:
12:10:22.398    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys 
12:10:22.408    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d8d060]
12:10:22.415    3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a2a050]
12:10:27.931    AVAST engine scan C:\Windows
12:10:35.587    AVAST engine scan C:\Windows\system32
12:17:18.894    AVAST engine scan C:\Windows\system32\drivers
12:17:36.026    AVAST engine scan C:\Users\Torben
12:20:41.202    Disk 0 MBR has been saved successfully to "C:\Users\Torben\Desktop\MBR.dat"
12:20:41.209    The log file has been saved successfully to "C:\Users\Torben\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-08 12:01:44
-----------------------------
12:01:44.546    OS Version: Windows x64 6.1.7601 Service Pack 1
12:01:44.546    Number of processors: 4 586 0x2502
12:01:44.546    ComputerName: TORBEN-PC  UserName: Torben
12:01:46.715    Initialize success
12:05:47.050    AVAST engine defs: 12110800
12:09:18.963    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:09:18.967    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
12:09:18.979    Disk 0 MBR read successfully
12:09:18.983    Disk 0 MBR scan
12:09:18.989    Disk 0 Windows VISTA default MBR code
12:09:18.994    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
12:09:19.007    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 24578048
12:09:19.020    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       598378 MB offset 24782848
12:09:19.062    Disk 0 scanning C:\Windows\system32\drivers
12:09:32.236    Service scanning
12:10:22.360    Modules scanning
12:10:22.371    Disk 0 trace - called modules:
12:10:22.398    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys 
12:10:22.408    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d8d060]
12:10:22.415    3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a2a050]
12:10:27.931    AVAST engine scan C:\Windows
12:10:35.587    AVAST engine scan C:\Windows\system32
12:17:18.894    AVAST engine scan C:\Windows\system32\drivers
12:17:36.026    AVAST engine scan C:\Users\Torben
12:20:41.202    Disk 0 MBR has been saved successfully to "C:\Users\Torben\Desktop\MBR.dat"
12:20:41.209    The log file has been saved successfully to "C:\Users\Torben\Desktop\aswMBR.txt"
12:23:44.751    Disk 0 MBR has been saved successfully to "C:\Users\Torben\Desktop\MBR.dat"
12:23:44.758    The log file has been saved successfully to "C:\Users\Torben\Desktop\aswMBR.txt"

Alt 08.11.2012, 13:52   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Die Logs sind unauffällig, aber du hast da einiges an Toolbar/Adwareschrott drin

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.11.2012, 14:01   #15
Schnitzelfre
 
Prozess csrss.exe läuft zwei mal - Standard

Prozess csrss.exe läuft zwei mal


Code:
ATTFilter
# AdwCleaner v2.007 - Datei am 08/11/2012 um 13:59:45 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Torben - TORBEN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Torben\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Windows\SysWOW64\conduitEngine.tmp
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\ConduitEngine
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\Torben\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Torben\AppData\Local\Temp\boost_interprocess
Ordner Gefunden : C:\Users\Torben\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Torben\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\Torben\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Torben_2\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Torben_2\AppData\LocalLow\ConduitEngine

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{06C0CDBB-88D4-4EBA-8CF7-4227A93C8502}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine 
Schlüssel Gefunden : HKU\S-1-5-21-4146755390-1899032672-475610802-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Torben\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Torben_2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4930 octets] - [08/11/2012 13:59:45]

########## EOF - C:\AdwCleaner[R1].txt - [4990 octets] ##########
Rainmeter hab ich deinstalliert und Rocket Dock ist wirklich hilfreich, falls du die Prgramme meinst.

Antwort
Seite 1 von 3 1 23

Themen zu Prozess csrss.exe läuft zwei mal
acrobat update, akamai, bho, bonjour, converter, csrss.exe doppelt, desktop, excel, firefox, flash player, hijack, hijackthis, internet, internet explorer, kaspersky, launch, logfile, mozilla, mp3, mywinlocker, plug-in, prozess, prozesse, scan, security, software, symantec, system, tastatur, windows


« Ihavenet.com - Virus | Zeus Trojaner?? »


Ähnliche Themen: Prozess csrss.exe läuft zwei mal


  1. Windows 8.1, "BKA/Interpol-Virus", Rechner läuft, Prozess im TM deaktiviert
    Log-Analyse und Auswertung - 15.02.2015 (23)
  2. Mein PC läuft immer bei einer CPU Auslastung von 100% bzw meistens - er läuft viel zu langsam
    Plagegeister aller Art und deren Bekämpfung - 25.01.2015 (1)
  3. Tune up 2014 Defrag läuft und läuft und läuft und
    Alles rund um Windows - 20.11.2013 (2)
  4. Frisches Windows 7 64-Bit System, mit zwei laufenden csrss.exe Prozessen, deren Dateipfad unbekannt ist. Könnte das Malware sein?
    Plagegeister aller Art und deren Bekämpfung - 27.07.2013 (3)
  5. VLC Prozess läuft aber Anwendung nicht
    Log-Analyse und Auswertung - 16.06.2013 (9)
  6. PC läuft sehr langsam; MBAM liefert zwei Treffer
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (17)
  7. csrss.exe - Prozess lässt sich nicht beenden (zugriff verweigert)
    Plagegeister aller Art und deren Bekämpfung - 05.09.2011 (86)
  8. Internet Explorer Prozess (NUR PROZESS) iexplore.exe startet sich selbst 3 mal
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (21)
  9. Wave wird leise, der Internet Explorer popt und iexplore.exe läuft als Prozess!
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (19)
  10. Internet Explorer Prozess (NUR PROZESS) iexplore.exe startet sich selbst 3 mal
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (9)
  11. Prozess rundll32.exe läuft doppelt
    Plagegeister aller Art und deren Bekämpfung - 12.01.2010 (1)
  12. Hab Prozess csrss.exe
    Plagegeister aller Art und deren Bekämpfung - 29.06.2009 (1)
  13. PC läuft langsam und habe irg ein "avp.exe" Prozess am laufen =(
    Log-Analyse und Auswertung - 23.01.2009 (0)
  14. iexplorer.exe läuft und läuft und läuft im taskmanager
    Log-Analyse und Auswertung - 24.07.2008 (7)
  15. Hilfe, mein Rechner läuft kaum noch! Kann keine zwei programme nebeneinander laufen!
    Log-Analyse und Auswertung - 01.04.2006 (11)
  16. Prozess: IEXPLORE.EXE läuft ständig
    Log-Analyse und Auswertung - 30.08.2005 (4)
  17. Merkwürdiger Prozess (smss.exe und csrss.exe)
    Archiv - 20.01.2003 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Prozess csrss.exe läuft zwei mal - Guten Tag, ich bin momentan auf Virensuche bei den Prozessen. Ich habe meine Prozesse mit dem Security Task Manager angesehen und bemerkt, dass ein Prozess zweimal läuft. Dann habe ich - Prozess csrss.exe läuft zwei mal...
Archiv
Du betrachtest: Prozess csrss.exe läuft zwei mal auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131