|
Plagegeister aller Art und deren Bekämpfung: Iminent - Deinstallation erfolglosWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.07.2013, 23:20 | #1 |
| Iminent - Deinstallation erfolglos Hey=) Wie so manche hier, habe ich auch ein Problem mit Iminent, dass wie aus dem Nichts aufgetaucht ist. Ich habe bereits die übliche Deinstallation über die Systemsteuerung gemacht, aber das leider erfolgslos. Weitere Schritte habe ich noch nicht unternommen, da ich mich einfach zu wenig auskenne. Die nötigen Scans zur Vorarbeit (OTL, gmer) habe ich schon gemacht. Vielen Dank schon mal im Voraus!!! OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.07.2013 23:05:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AnneLiese\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 65,39% Memory free 7,73 Gb Paging File | 5,99 Gb Available in Paging File | 77,46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222,08 Gb Total Space | 72,39 Gb Free Space | 32,60% Space Free | Partition Type: NTFS Drive D: | 222,10 Gb Total Space | 105,52 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 3,62 Gb Total Space | 2,19 Gb Free Space | 60,47% Space Free | Partition Type: FAT32 Computer Name: ANNELIESE-PC | User Name: AnneLiese | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.05 23:03:14 | 000,050,477 | ---- | M] () -- C:\Users\AnneLiese\Desktop\Defogger.exe PRC - [2013.07.05 23:01:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AnneLiese\Desktop\OTL.exe PRC - [2013.03.26 17:43:45 | 000,703,888 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe PRC - [2013.03.26 17:43:31 | 000,555,408 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe PRC - [2012.12.10 19:55:10 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\AnneLiese\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012.11.19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2012.11.02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe PRC - [2012.10.02 14:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.07.27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2011.06.17 03:22:58 | 000,266,496 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2011.06.17 03:22:44 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2011.05.26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2011.04.22 19:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2011.04.03 00:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2011.03.29 05:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2011.03.29 05:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2011.03.22 18:22:04 | 001,406,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2011.01.14 11:55:14 | 000,572,712 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010.08.10 11:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.08.10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.08.10 11:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.04.13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.03.18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe ========== Modules (No Company Name) ========== MOD - [2013.07.05 23:03:14 | 000,050,477 | ---- | M] () -- C:\Users\AnneLiese\Desktop\Defogger.exe MOD - [2013.03.26 17:44:18 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2010.12.22 20:22:32 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll MOD - [2009.05.20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll ========== Services (SafeList) ========== SRV - [2013.07.03 20:25:13 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.03.26 17:43:31 | 000,555,408 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent) SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.11.02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.10.02 14:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.05.29 12:04:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.06.17 03:22:44 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011.05.26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2011.04.22 19:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV - [2011.04.03 00:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2011.01.14 11:55:14 | 000,572,712 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.01.05 15:23:58 | 000,867,712 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.22 00:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.08.10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.06.02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.04.13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.03.18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2009.11.02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SRV - [2009.03.30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.11 03:18:40 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2013.03.26 17:18:20 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock) DRV:64bit: - [2012.12.10 04:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.11.08 04:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.08.03 21:38:55 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva) DRV:64bit: - [2012.04.19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter) DRV:64bit: - [2011.11.07 18:05:09 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2011.11.07 18:05:09 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2011.11.07 18:05:09 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.06.08 18:36:14 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2011.03.10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.09.22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.05.15 05:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2010.04.13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.02.27 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.12.10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.12.02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2009.12.02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2009.12.02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2009.12.02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2009.11.02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.09.17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:6.25.4.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - prefs.js..network.proxy.autoconfig_url: ".mozilla.org, .net.de, 188.40.83.84/3128" FF - prefs.js..network.proxy.http: "46.4.150.9" FF - prefs.js..network.proxy.http_port: 1080 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.socks_version: 4 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\AnneLiese\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.03 20:25:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.03 20:25:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.05 13:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnneLiese\AppData\Roaming\mozilla\Extensions [2013.07.05 19:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnneLiese\AppData\Roaming\mozilla\Firefox\Profiles\sf53va8u.default\extensions [2013.02.09 17:33:57 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\AnneLiese\AppData\Roaming\mozilla\firefox\profiles\sf53va8u.default\extensions\stealthyextension@gmail.com.xpi [2013.06.20 15:40:21 | 000,663,388 | ---- | M] () (No name found) -- C:\Users\AnneLiese\AppData\Roaming\mozilla\firefox\profiles\sf53va8u.default\extensions\webbooster@iminent.com.xpi [2013.07.03 20:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.07.03 20:25:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.07.03 20:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.07.03 20:25:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - homepage: CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak CHR - Extension: No name found = C:\Users\AnneLiese\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [Facebook Update] C:\Users\AnneLiese\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{223945B6-EEAF-4E3F-8B50-4248C7409C0E}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CA96045-E2EF-4454-AC80-0C01308E6BC9}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.05 23:01:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\AnneLiese\Desktop\OTL.exe [2013.07.05 20:06:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.07.03 20:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.06.30 03:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania [2013.06.30 02:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2013.06.30 02:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.06.30 02:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.06.29 17:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs [2013.06.29 17:22:43 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe [2013.06.29 17:22:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer [2013.06.29 17:18:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2013.06.28 22:08:33 | 000,000,000 | ---D | C] -- C:\Users\AnneLiese\AppData\Roaming\Nero [2013.06.28 22:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.06.28 22:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.06.28 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2013.06.28 21:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2013.06.28 21:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2013.06.28 21:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2013.06.25 22:58:19 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin [2013.06.25 22:58:18 | 000,000,000 | ---D | C] -- C:\Riot Games ========== Files - Modified Within 30 Days ========== [2013.07.05 23:04:20 | 000,000,000 | ---- | M] () -- C:\Users\AnneLiese\defogger_reenable [2013.07.05 23:03:14 | 000,050,477 | ---- | M] () -- C:\Users\AnneLiese\Desktop\Defogger.exe [2013.07.05 23:01:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AnneLiese\Desktop\OTL.exe [2013.07.05 22:17:11 | 001,798,166 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.05 22:17:11 | 000,762,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.05 22:17:11 | 000,718,126 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.05 22:17:11 | 000,172,944 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.05 22:17:11 | 000,145,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.05 22:15:27 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.05 22:15:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.05 22:15:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.05 22:15:03 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-540438323-1269047250-1746032238-1000UA1cdd6ff834aa281.job [2013.07.05 20:15:25 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 20:15:25 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 20:07:45 | 3113,250,816 | -HS- | M] () -- C:\hiberfil.sys [2013.07.05 20:06:11 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2013.07.05 19:09:30 | 125,631,937 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2013.06.30 18:00:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-540438323-1269047250-1746032238-1000Core1cdd6ff83374149.job [2013.06.30 17:30:41 | 000,338,713 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2013.06.30 03:08:13 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat [2013.06.30 02:25:32 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2013.06.28 21:59:58 | 000,002,655 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk [2013.06.25 22:58:18 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk ========== Files Created - No Company Name ========== [2013.07.05 23:04:20 | 000,000,000 | ---- | C] () -- C:\Users\AnneLiese\defogger_reenable [2013.07.05 23:03:14 | 000,050,477 | ---- | C] () -- C:\Users\AnneLiese\Desktop\Defogger.exe [2013.06.30 03:08:13 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2013.06.30 02:25:32 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2013.06.28 21:59:58 | 000,002,655 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk [2013.06.25 22:58:18 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2012.12.14 14:09:12 | 000,005,120 | ---- | C] () -- C:\Users\AnneLiese\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.08.25 17:01:40 | 000,027,520 | ---- | C] () -- C:\Users\AnneLiese\AppData\Local\dt.dat [2012.08.03 18:50:12 | 000,000,846 | ---- | C] () -- C:\Windows\wiso.ini [2012.06.03 21:49:42 | 001,776,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.07.02 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\AVG2012 [2012.08.03 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\Buhl Data Service [2012.09.10 11:14:51 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\pdfforge [2013.06.25 22:13:35 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\SoftGrid Client [2013.07.05 23:02:14 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\Spotify [2012.06.03 21:50:10 | 000,000,000 | ---D | M] -- C:\Users\AnneLiese\AppData\Roaming\TP ========== Purity Check ========== < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.07.2013 23:05:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AnneLiese\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 65,39% Memory free 7,73 Gb Paging File | 5,99 Gb Available in Paging File | 77,46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222,08 Gb Total Space | 72,39 Gb Free Space | 32,60% Space Free | Partition Type: NTFS Drive D: | 222,10 Gb Total Space | 105,52 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 3,62 Gb Total Space | 2,19 Gb Free Space | 60,47% Space Free | Partition Type: FAT32 Computer Name: ANNELIESE-PC | User Name: AnneLiese | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01950EAE-8FE0-40C3-9FDC-77AA41824692}" = lport=10243 | protocol=6 | dir=in | app=system | "{02568012-FE0E-4A5E-BC1F-B0733BF66779}" = rport=139 | protocol=6 | dir=out | app=system | "{044C1315-6D94-4844-98D9-938C0C8411F5}" = lport=445 | protocol=6 | dir=in | app=system | "{06050A6E-7673-4F2B-A4DA-7C24A69FB0EC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{0C8FDCF6-2BE5-4362-8BCD-C967FAC0879C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1099BE41-7269-40D7-8144-E20410F64CF3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{109CCD95-A3DD-42D0-B80C-392BA833B1B8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{149AE9F6-3FE1-425A-876F-4F540318DA30}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1DBC8BD7-A0FB-4441-8E5D-AA4AFB152CCD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{207523C9-9C0C-4605-9EC7-4A3DB33451AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2821215C-4390-4839-BE7C-15DF7C51F141}" = lport=139 | protocol=6 | dir=in | app=system | "{32D33F9C-C19D-4367-B9B0-63E78BEA1B3D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{349975E0-65BD-4E04-B7C9-4AC4C21A2444}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{3F095D53-EC9F-4781-B626-7408C7796958}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{46B93C70-520E-41D9-A3F1-3C23FB84EC81}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{49A0F8BA-25D8-442F-8376-B4A5E18B1FAA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4A2A0CE2-4DCF-4AD0-AF09-6F7618734717}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4B558A61-7A03-4863-8015-72E41B435F96}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{4BCEF4CE-A9E6-44F4-9BBB-3756D166D78C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4D41805C-714A-457D-AE35-D49BBB2FCE3A}" = lport=2869 | protocol=6 | dir=in | app=system | "{57A871E0-C100-46C1-AFEE-F9F8990FF508}" = rport=137 | protocol=17 | dir=out | app=system | "{588CBD57-5F84-43D7-99C7-F73A4ECA8353}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{5F7C07F4-3EB7-4A89-B5D4-E5D353705B00}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63B7F3A6-3152-4FF9-AB7D-BF504A0477BA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{6420F117-8435-415F-A656-711012DA8A48}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6DC3B981-4922-43AA-9C67-08BCFA650684}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{751899B0-AFA6-49CC-9C82-A69AD67E975B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7D6B9C41-9EAB-4749-BA7B-09D2A9785036}" = rport=10243 | protocol=6 | dir=out | app=system | "{839D7C51-A6A4-4BB1-98A2-5D1ABAA54E7B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{86DFC3F9-CE71-4BC3-9D32-9DBF302F94F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{89F37757-617C-44A9-898C-C8DFCA033B17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{89F429B0-7612-4B04-88B6-1D100775F555}" = rport=138 | protocol=17 | dir=out | app=system | "{8F648702-3486-45F9-8E28-469999452CEF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{8FB6D238-8714-44BA-B862-07680A4DD113}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B8F34D7-04D0-4BF1-A00D-949783A93FEC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{A1CCF1C2-FACF-4144-AB03-FF0A50742B67}" = rport=445 | protocol=6 | dir=out | app=system | "{A8DAE448-6F5E-4A09-AAEA-8FBDC3C86334}" = lport=138 | protocol=17 | dir=in | app=system | "{AA8088FD-43D4-48A5-98D4-F589C8FE2370}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AAF4ABD2-D4DD-459F-9237-81C23C6D53C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BFDDD308-55A7-4053-A6B5-134E02812D03}" = lport=137 | protocol=17 | dir=in | app=system | "{DFE1B2B3-8FF4-4F95-9B6D-E251A6D57116}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FB48278C-762D-434F-ACC8-A6B6D1D20051}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05133402-41C0-462C-973D-A0B84F73698E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{0830501D-3C8B-4649-8FFB-4F357C59F4A5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{09612B0C-D4E6-48BE-BC40-409C29323A4D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{0AC7F266-FF8A-4620-891C-B891D6358421}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe | "{107F0694-5DEE-4ED7-990E-B6E7094B8E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{109A3D52-C5D9-4827-8C98-590058B9B70D}" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "{1C729189-10EF-4D0B-A4B7-448EF8DDC740}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{278D0181-291C-46AE-8AB7-5A5AD4E25A8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2C41FD81-60AE-48E4-ABD5-74B1AD46FA42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{32018988-2AFF-443B-88A9-DD82961C10BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{3654893A-C738-41FA-AA86-525C0412F313}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{397D7C3A-B42F-4B9D-A653-CD27408A852C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe | "{3A2329BD-6DF1-4CE6-BBE4-350DB694FB30}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{41418B8A-F5C5-43C9-8EB3-98EF7F639ADC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | "{41ABCACC-E249-44B8-A9D3-6308C48FBFD0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{43C8F5F1-1AC6-4388-A1E5-893ED05BA33E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{48F6F6B2-22B3-45CF-9582-60023682D8A3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{4D4B7076-7C7E-48A7-A4D7-7728920B6E00}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4DF0714A-E665-43DD-8150-CF957AF9E7E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4FB9FFD2-EC8F-41C0-BE13-B393613BB04C}" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "{585D47DD-493F-4F61-BD42-9C48257B62CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5B48C7E0-6426-4AA1-AFC3-B18158F45700}" = dir=in | app=c:\users\anneliese\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{5B9112C0-2281-4CFF-AB91-29A4322FD47A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{64F8D93A-A070-4109-9CF6-81FA4206BD72}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{68E4C258-F6F5-4941-9317-C0F7521FCAE6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{71DB8C81-A356-4086-B3ED-39FFE16F01CA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{72F5446F-A6AE-4387-9EC6-6615791BDE51}" = protocol=6 | dir=out | app=system | "{7433EB53-D5A7-46E2-830D-1EFD77C56A6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{76FAD025-F802-489F-8454-D97C96594194}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{77523163-3E84-4B13-8563-E482B2010A08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7BD2B866-36DD-4725-9CDF-6193BA25B2DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{7D872128-7B82-42CE-BBDB-345C74D718C2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{88E0B38B-9336-4D1A-A544-0DF4BAF80058}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8D08C450-B2D8-4F1F-98A1-8459AD46E053}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{8F4B4F4D-0FF9-4005-8662-ABA4FE5F2D83}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{939840D7-DB4B-49A2-BE2D-3691E5441F33}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{9502E0BD-2A8A-4CAE-BB9D-0375E046809F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9900C900-07B7-47F1-A78B-7D9AD7F96D1E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9EADBB2D-AF3B-416B-992A-B711E96622B7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{A0A0B06D-64F3-41BA-831B-5317006B56D3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{A52B534F-F9C7-4EB0-8AFC-81C7A64F43F7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{ACA63A6A-DC6D-4055-BA27-F69FCDDA495B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B26F76EA-66C1-4AF9-89A7-D417B01FDBEF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{B7055110-230B-4B47-A8F0-7F88447A65AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe | "{B71B97C7-0C28-47F9-BC9B-C4981CF3E88C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BDE19B08-D79B-495C-A943-91861527547F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BFE107BE-634D-4D56-BE1E-FA94F7ACD507}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{C19B8C09-6321-4FB5-AFB8-8397579D52B0}" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "{C7149D4C-11F9-4999-A90D-96AF67049C30}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{CA0751AA-1D20-4DA0-9F95-80AC27D7B5CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{CB6C5AB4-E05B-4CCC-8428-DE58691EA0B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe | "{CB93F1E2-6694-4A2B-A211-CFBA1A99898D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{CC43DA8E-E2ED-4A15-A3A8-6F532BDA8EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{DD334D9C-2650-4FB6-A923-274368E4110C}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DFE8F1D2-B67A-42C9-B093-57C77B7228AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E11A4F0A-6DD1-4F83-9A00-5F4508E67DD3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{EBE2AF76-42F1-4BE2-AE2A-E158508B3E3E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{ECCAA5F6-D36C-4E43-9478-C00D6BE5F09A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | "{F43D5678-F2DE-481A-A344-E345DE3ACFBA}" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "{FB9506EB-16E7-4B2D-838B-BA2A1B099473}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "TCP Query User{08886B49-B729-4420-82E2-8567013C9604}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "TCP Query User{2463E784-2E9E-4292-8D61-B2A41C93D32D}C:\users\lieblingsbruder\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\local\temp\gw2.exe | "TCP Query User{462EFCF5-F3FF-420E-92CB-FC9C765E1DE6}C:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe | "TCP Query User{47DBDD48-C112-4529-AB51-E7BBA8A7A9FD}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "TCP Query User{6668F5D8-97C2-445A-B14F-EEE916300EB5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{87045705-6FDE-4C75-91D2-1ACE8558BF72}C:\users\lieblingsbruder\desktop\lan\=)\hl.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "TCP Query User{9F228AB5-7213-493B-9587-1497A01DF4A4}C:\users\lieblingsbruder\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\guild wars 2\gw2.exe | "TCP Query User{B153525F-1DF4-4D9A-96DE-4553655BDAC1}C:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe | "TCP Query User{C88E104A-D494-42EF-BF59-4D175145C19C}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "TCP Query User{E50322B8-76C9-4B10-8AF8-CABBABC096D2}C:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe | "TCP Query User{F505FFF1-9056-4ECC-903A-CCC3F548C6F4}C:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "TCP Query User{F79E4B4F-C11C-44E0-AF43-A940D685FAA0}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "UDP Query User{00DB7BAF-8A0F-40C4-A5AC-4875E5CD3491}C:\users\lieblingsbruder\desktop\lan\=)\hl.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "UDP Query User{0B6AEB0D-6637-4C57-A261-3219E0462386}C:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe | "UDP Query User{1CC66F45-6B1A-4445-BB8A-DD9DCC3A9B02}C:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe | "UDP Query User{439EA7DD-AA57-4B93-B7DE-85A5CF83520B}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "UDP Query User{443C0DC2-370A-486C-A248-1A201A5C7F84}C:\users\lieblingsbruder\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\local\temp\gw2.exe | "UDP Query User{526D68A2-D989-4FB7-A9B6-0C8382117526}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{69A1DB33-DB1F-425D-AD89-9903E4192C8B}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "UDP Query User{72B94CC9-A4D1-4BA7-9E2F-45401C69AD81}C:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe | "UDP Query User{75BBA987-D3BE-4AD5-AB74-BB473F4D03C3}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "UDP Query User{90FBAA66-3C3A-4A99-884C-4FE2B32A5FAA}C:\users\lieblingsbruder\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\guild wars 2\gw2.exe | "UDP Query User{9B719B2B-25AE-4903-8DB0-BE0701A51212}C:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "UDP Query User{9E597542-9EDF-44BF-9976-E297B94F3365}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files "{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik "{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.00 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.00 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes "{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D50E19B5-A29A-4A78-8381-0E562B40CDFD}" = AVG 2012 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012 "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "001FFF2FFF15FF00FF0201F01F02F000-R1" = ArchiCAD 15 R1 GER "AVG" = AVG 2012 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit) "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit) "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{350612EB-55FE-47DC-8E07-197B2409909B}" = Cisco AnyConnect Secure Mobility Client "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games) "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C6A5D6E2-19B4-4005-9670-C4D36C3AD55A}" = Nero BackItUp and Burn Essentials "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "7-Zip" = 7-Zip 9.20 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client "DefaultTab" = DefaultTab "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "Google Chrome" = Google Chrome "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "League of Legends 3.0.1" = League of Legends "LManager" = Launch Manager "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Picasa 3" = Picasa 3 "PROPLUSR" = Microsoft Office Professional Plus 2007 "Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1 "Steam App 107200" = Space Pirates and Zombies "Steam App 11020" = TrackMania Nations Forever "WildTangent acer Master Uninstall" = Acer Games "WinLiveSuite" = Windows Live Essentials "WTA-00bbf28d-b7c2-491a-9b30-8c70b307c797" = FATE "WTA-09a8511e-bef2-49c7-b2a6-fcb4bb72fb63" = Jewel Quest Solitaire "WTA-09ec0734-a3da-4f8c-ae86-918fb95fc647" = Penguins! "WTA-0d9f62bb-1ea7-4e5d-a7bc-fc93f793ceed" = Agatha Christie - Death on the Nile "WTA-2cf08349-1c36-4a68-bca4-9a12388688ee" = Plants vs. Zombies - Game of the Year "WTA-31b09fe2-21f6-4d9a-a54c-e67c64a8d416" = Torchlight "WTA-44d1f273-e063-4777-bfa1-c1cd52567fee" = Slingo Deluxe "WTA-63bb75ab-25d9-4503-b0c7-b8d58cb9b9a6" = Insaniquarium Deluxe "WTA-6d7ceed6-9cb6-47bc-bbb8-f56eca352974" = Virtual Villagers 4 - The Tree of Life "WTA-72842094-721d-4538-9627-aef2a20f721a" = Final Drive: Nitro "WTA-9c16eebb-f910-4c36-baeb-f57837ca3f2e" = Mystery of Mortlake Mansion "WTA-ba27115c-db7d-4f39-b9b5-7a6e3f68f734" = Crazy Chicken Kart 2 "WTA-c267681b-e292-45b2-9cbb-45032782fddb" = Jewel Match 3 "WTA-c5a40275-794a-4863-931d-52a304d66790" = John Deere Drive Green "WTA-d305c20a-b0cd-4743-b836-2f937139991f" = Polar Bowler "WTA-d5722912-227c-409e-b380-0798f182839a" = Wedding Dash "WTA-d927ec1a-0590-4e91-b489-a8bdfee3ec0e" = Zuma Deluxe "WTA-f2ae3808-b5dd-45bc-bbf3-2a5b64a0c2a8" = Bejeweled 2 Deluxe "WTA-f2f91c67-1cec-4593-9ff6-500782c0058d" = Chuzzle Deluxe ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.05.2013 04:53:18 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 28.05.2013 14:14:16 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.41.0, Zeitstempel: 0x4d907469 Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5ede31d2 ID des fehlerhaften Prozesses: 0x1170 Startzeit der fehlerhaften Anwendung: 0x01ce59254d2ac2aa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe Pfad des fehlerhaften Moduls: netprofm.dll Berichtskennung: 67c07cc3-c7c2-11e2-afc0-88ae1d8f7d7e Error - 29.05.2013 15:32:18 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 30.05.2013 16:01:28 | Computer Name = AnneLiese-PC | Source = MsiInstaller | ID = 11609 Description = Error - 30.05.2013 16:02:38 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 30.05.2013 17:25:04 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9789 ID des fehlerhaften Prozesses: 0x1464 Startzeit der fehlerhaften Anwendung: 0x01ce5d748c674799 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: 645ad8b2-c96f-11e2-936a-88ae1d8f7d7e Error - 31.05.2013 15:55:05 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 01.06.2013 04:12:39 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 03.06.2013 06:12:02 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.41.0, Zeitstempel: 0x4d907469 Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5d192505 ID des fehlerhaften Prozesses: 0x11ec Startzeit der fehlerhaften Anwendung: 0x01ce5e9fc83a0707 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe Pfad des fehlerhaften Moduls: netprofm.dll Berichtskennung: 085cb7e6-cc36-11e2-858e-88ae1d8f7d7e Error - 04.06.2013 05:31:28 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 04.06.2013 13:51:25 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = [ Cisco AnyConnect Secure Mobility Client Events ] Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108865 Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp Line: 93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File: .\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp Line: 111 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp Line: 57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp Line: 39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp Line: 1612 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:27 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE Error - 05.07.2013 16:15:30 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108866 Description = Function: XmlPrefMgr::endElement File: .\xml\XmlPrefMgr.cpp Line: 142 Invoked Function: UserPreferences::endElement Return Code: -33554423 (0xFE000009) Description: GLOBAL_ERROR_UNEXPECTED Attempt to set undefined preference <DefaultDomain>. Error - 05.07.2013 16:15:31 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108866 Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 332 Invoked Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine Daten mehr verfügbar. Error - 05.07.2013 16:15:31 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108865 Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line: 1351 NULL object. Cannot establish a connection at this time. [ OSession Events ] Error - 18.05.2013 09:07:13 | Computer Name = AnneLiese-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8744 seconds with 3480 seconds of active time. This session ended with a crash. [ System Events ] Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Multimediaklassenplaner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Benutzerprofildienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:41:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Shellhardwareerkennung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 18.12.2012 04:42:18 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 < End of report > |
05.07.2013, 23:25 | #2 |
| Iminent - Deinstallation erfolglos OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 05.07.2013 23:05:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AnneLiese\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 65,39% Memory free 7,73 Gb Paging File | 5,99 Gb Available in Paging File | 77,46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222,08 Gb Total Space | 72,39 Gb Free Space | 32,60% Space Free | Partition Type: NTFS Drive D: | 222,10 Gb Total Space | 105,52 Gb Free Space | 47,51% Space Free | Partition Type: NTFS Drive F: | 3,62 Gb Total Space | 2,19 Gb Free Space | 60,47% Space Free | Partition Type: FAT32 Computer Name: ANNELIESE-PC | User Name: AnneLiese | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01950EAE-8FE0-40C3-9FDC-77AA41824692}" = lport=10243 | protocol=6 | dir=in | app=system | "{02568012-FE0E-4A5E-BC1F-B0733BF66779}" = rport=139 | protocol=6 | dir=out | app=system | "{044C1315-6D94-4844-98D9-938C0C8411F5}" = lport=445 | protocol=6 | dir=in | app=system | "{06050A6E-7673-4F2B-A4DA-7C24A69FB0EC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{0C8FDCF6-2BE5-4362-8BCD-C967FAC0879C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1099BE41-7269-40D7-8144-E20410F64CF3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{109CCD95-A3DD-42D0-B80C-392BA833B1B8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{149AE9F6-3FE1-425A-876F-4F540318DA30}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1DBC8BD7-A0FB-4441-8E5D-AA4AFB152CCD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{207523C9-9C0C-4605-9EC7-4A3DB33451AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2821215C-4390-4839-BE7C-15DF7C51F141}" = lport=139 | protocol=6 | dir=in | app=system | "{32D33F9C-C19D-4367-B9B0-63E78BEA1B3D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{349975E0-65BD-4E04-B7C9-4AC4C21A2444}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{3F095D53-EC9F-4781-B626-7408C7796958}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{46B93C70-520E-41D9-A3F1-3C23FB84EC81}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{49A0F8BA-25D8-442F-8376-B4A5E18B1FAA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4A2A0CE2-4DCF-4AD0-AF09-6F7618734717}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4B558A61-7A03-4863-8015-72E41B435F96}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{4BCEF4CE-A9E6-44F4-9BBB-3756D166D78C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4D41805C-714A-457D-AE35-D49BBB2FCE3A}" = lport=2869 | protocol=6 | dir=in | app=system | "{57A871E0-C100-46C1-AFEE-F9F8990FF508}" = rport=137 | protocol=17 | dir=out | app=system | "{588CBD57-5F84-43D7-99C7-F73A4ECA8353}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{5F7C07F4-3EB7-4A89-B5D4-E5D353705B00}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63B7F3A6-3152-4FF9-AB7D-BF504A0477BA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{6420F117-8435-415F-A656-711012DA8A48}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6DC3B981-4922-43AA-9C67-08BCFA650684}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{751899B0-AFA6-49CC-9C82-A69AD67E975B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7D6B9C41-9EAB-4749-BA7B-09D2A9785036}" = rport=10243 | protocol=6 | dir=out | app=system | "{839D7C51-A6A4-4BB1-98A2-5D1ABAA54E7B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{86DFC3F9-CE71-4BC3-9D32-9DBF302F94F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{89F37757-617C-44A9-898C-C8DFCA033B17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{89F429B0-7612-4B04-88B6-1D100775F555}" = rport=138 | protocol=17 | dir=out | app=system | "{8F648702-3486-45F9-8E28-469999452CEF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{8FB6D238-8714-44BA-B862-07680A4DD113}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B8F34D7-04D0-4BF1-A00D-949783A93FEC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{A1CCF1C2-FACF-4144-AB03-FF0A50742B67}" = rport=445 | protocol=6 | dir=out | app=system | "{A8DAE448-6F5E-4A09-AAEA-8FBDC3C86334}" = lport=138 | protocol=17 | dir=in | app=system | "{AA8088FD-43D4-48A5-98D4-F589C8FE2370}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AAF4ABD2-D4DD-459F-9237-81C23C6D53C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BFDDD308-55A7-4053-A6B5-134E02812D03}" = lport=137 | protocol=17 | dir=in | app=system | "{DFE1B2B3-8FF4-4F95-9B6D-E251A6D57116}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FB48278C-762D-434F-ACC8-A6B6D1D20051}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05133402-41C0-462C-973D-A0B84F73698E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{0830501D-3C8B-4649-8FFB-4F357C59F4A5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{09612B0C-D4E6-48BE-BC40-409C29323A4D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{0AC7F266-FF8A-4620-891C-B891D6358421}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe | "{107F0694-5DEE-4ED7-990E-B6E7094B8E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{109A3D52-C5D9-4827-8C98-590058B9B70D}" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "{1C729189-10EF-4D0B-A4B7-448EF8DDC740}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{278D0181-291C-46AE-8AB7-5A5AD4E25A8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2C41FD81-60AE-48E4-ABD5-74B1AD46FA42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{32018988-2AFF-443B-88A9-DD82961C10BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{3654893A-C738-41FA-AA86-525C0412F313}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{397D7C3A-B42F-4B9D-A653-CD27408A852C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe | "{3A2329BD-6DF1-4CE6-BBE4-350DB694FB30}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{41418B8A-F5C5-43C9-8EB3-98EF7F639ADC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | "{41ABCACC-E249-44B8-A9D3-6308C48FBFD0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{43C8F5F1-1AC6-4388-A1E5-893ED05BA33E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{48F6F6B2-22B3-45CF-9582-60023682D8A3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{4D4B7076-7C7E-48A7-A4D7-7728920B6E00}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4DF0714A-E665-43DD-8150-CF957AF9E7E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4FB9FFD2-EC8F-41C0-BE13-B393613BB04C}" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "{585D47DD-493F-4F61-BD42-9C48257B62CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5B48C7E0-6426-4AA1-AFC3-B18158F45700}" = dir=in | app=c:\users\anneliese\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{5B9112C0-2281-4CFF-AB91-29A4322FD47A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{64F8D93A-A070-4109-9CF6-81FA4206BD72}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{68E4C258-F6F5-4941-9317-C0F7521FCAE6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{71DB8C81-A356-4086-B3ED-39FFE16F01CA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{72F5446F-A6AE-4387-9EC6-6615791BDE51}" = protocol=6 | dir=out | app=system | "{7433EB53-D5A7-46E2-830D-1EFD77C56A6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{76FAD025-F802-489F-8454-D97C96594194}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{77523163-3E84-4B13-8563-E482B2010A08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7BD2B866-36DD-4725-9CDF-6193BA25B2DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{7D872128-7B82-42CE-BBDB-345C74D718C2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{88E0B38B-9336-4D1A-A544-0DF4BAF80058}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8D08C450-B2D8-4F1F-98A1-8459AD46E053}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{8F4B4F4D-0FF9-4005-8662-ABA4FE5F2D83}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{939840D7-DB4B-49A2-BE2D-3691E5441F33}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{9502E0BD-2A8A-4CAE-BB9D-0375E046809F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9900C900-07B7-47F1-A78B-7D9AD7F96D1E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9EADBB2D-AF3B-416B-992A-B711E96622B7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{A0A0B06D-64F3-41BA-831B-5317006B56D3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{A52B534F-F9C7-4EB0-8AFC-81C7A64F43F7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{ACA63A6A-DC6D-4055-BA27-F69FCDDA495B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B26F76EA-66C1-4AF9-89A7-D417B01FDBEF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{B7055110-230B-4B47-A8F0-7F88447A65AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe | "{B71B97C7-0C28-47F9-BC9B-C4981CF3E88C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BDE19B08-D79B-495C-A943-91861527547F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BFE107BE-634D-4D56-BE1E-FA94F7ACD507}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{C19B8C09-6321-4FB5-AFB8-8397579D52B0}" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "{C7149D4C-11F9-4999-A90D-96AF67049C30}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{CA0751AA-1D20-4DA0-9F95-80AC27D7B5CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{CB6C5AB4-E05B-4CCC-8428-DE58691EA0B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe | "{CB93F1E2-6694-4A2B-A211-CFBA1A99898D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{CC43DA8E-E2ED-4A15-A3A8-6F532BDA8EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{DD334D9C-2650-4FB6-A923-274368E4110C}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DFE8F1D2-B67A-42C9-B093-57C77B7228AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E11A4F0A-6DD1-4F83-9A00-5F4508E67DD3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{EBE2AF76-42F1-4BE2-AE2A-E158508B3E3E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{ECCAA5F6-D36C-4E43-9478-C00D6BE5F09A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | "{F43D5678-F2DE-481A-A344-E345DE3ACFBA}" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "{FB9506EB-16E7-4B2D-838B-BA2A1B099473}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "TCP Query User{08886B49-B729-4420-82E2-8567013C9604}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "TCP Query User{2463E784-2E9E-4292-8D61-B2A41C93D32D}C:\users\lieblingsbruder\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\local\temp\gw2.exe | "TCP Query User{462EFCF5-F3FF-420E-92CB-FC9C765E1DE6}C:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe | "TCP Query User{47DBDD48-C112-4529-AB51-E7BBA8A7A9FD}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "TCP Query User{6668F5D8-97C2-445A-B14F-EEE916300EB5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{87045705-6FDE-4C75-91D2-1ACE8558BF72}C:\users\lieblingsbruder\desktop\lan\=)\hl.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "TCP Query User{9F228AB5-7213-493B-9587-1497A01DF4A4}C:\users\lieblingsbruder\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\guild wars 2\gw2.exe | "TCP Query User{B153525F-1DF4-4D9A-96DE-4553655BDAC1}C:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe | "TCP Query User{C88E104A-D494-42EF-BF59-4D175145C19C}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "TCP Query User{E50322B8-76C9-4B10-8AF8-CABBABC096D2}C:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe | "TCP Query User{F505FFF1-9056-4ECC-903A-CCC3F548C6F4}C:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "TCP Query User{F79E4B4F-C11C-44E0-AF43-A940D685FAA0}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "UDP Query User{00DB7BAF-8A0F-40C4-A5AC-4875E5CD3491}C:\users\lieblingsbruder\desktop\lan\=)\hl.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\=)\hl.exe | "UDP Query User{0B6AEB0D-6637-4C57-A261-3219E0462386}C:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\counter-strike 1.6\hl.exe | "UDP Query User{1CC66F45-6B1A-4445-BB8A-DD9DCC3A9B02}C:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 2\cod2mp_s.exe | "UDP Query User{439EA7DD-AA57-4B93-B7DE-85A5CF83520B}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "UDP Query User{443C0DC2-370A-486C-A248-1A201A5C7F84}C:\users\lieblingsbruder\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\local\temp\gw2.exe | "UDP Query User{526D68A2-D989-4FB7-A9B6-0C8382117526}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{69A1DB33-DB1F-425D-AD89-9903E4192C8B}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | "UDP Query User{72B94CC9-A4D1-4BA7-9E2F-45401C69AD81}C:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\warcraft 3\warcraft iii\war3.exe | "UDP Query User{75BBA987-D3BE-4AD5-AB74-BB473F4D03C3}C:\users\anneliese\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anneliese\appdata\roaming\spotify\spotify.exe | "UDP Query User{90FBAA66-3C3A-4A99-884C-4FE2B32A5FAA}C:\users\lieblingsbruder\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\guild wars 2\gw2.exe | "UDP Query User{9B719B2B-25AE-4903-8DB0-BE0701A51212}C:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\desktop\lan\call of duty 4(neu)\iw3mp_.exe | "UDP Query User{9E597542-9EDF-44BF-9976-E297B94F3365}C:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lieblingsbruder\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files "{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik "{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.00 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.00 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes "{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D50E19B5-A29A-4A78-8381-0E562B40CDFD}" = AVG 2012 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012 "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "001FFF2FFF15FF00FF0201F01F02F000-R1" = ArchiCAD 15 R1 GER "AVG" = AVG 2012 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit) "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit) "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{350612EB-55FE-47DC-8E07-197B2409909B}" = Cisco AnyConnect Secure Mobility Client "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games) "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C6A5D6E2-19B4-4005-9670-C4D36C3AD55A}" = Nero BackItUp and Burn Essentials "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "7-Zip" = 7-Zip 9.20 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client "DefaultTab" = DefaultTab "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "Google Chrome" = Google Chrome "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "League of Legends 3.0.1" = League of Legends "LManager" = Launch Manager "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Picasa 3" = Picasa 3 "PROPLUSR" = Microsoft Office Professional Plus 2007 "Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1 "Steam App 107200" = Space Pirates and Zombies "Steam App 11020" = TrackMania Nations Forever "WildTangent acer Master Uninstall" = Acer Games "WinLiveSuite" = Windows Live Essentials "WTA-00bbf28d-b7c2-491a-9b30-8c70b307c797" = FATE "WTA-09a8511e-bef2-49c7-b2a6-fcb4bb72fb63" = Jewel Quest Solitaire "WTA-09ec0734-a3da-4f8c-ae86-918fb95fc647" = Penguins! "WTA-0d9f62bb-1ea7-4e5d-a7bc-fc93f793ceed" = Agatha Christie - Death on the Nile "WTA-2cf08349-1c36-4a68-bca4-9a12388688ee" = Plants vs. Zombies - Game of the Year "WTA-31b09fe2-21f6-4d9a-a54c-e67c64a8d416" = Torchlight "WTA-44d1f273-e063-4777-bfa1-c1cd52567fee" = Slingo Deluxe "WTA-63bb75ab-25d9-4503-b0c7-b8d58cb9b9a6" = Insaniquarium Deluxe "WTA-6d7ceed6-9cb6-47bc-bbb8-f56eca352974" = Virtual Villagers 4 - The Tree of Life "WTA-72842094-721d-4538-9627-aef2a20f721a" = Final Drive: Nitro "WTA-9c16eebb-f910-4c36-baeb-f57837ca3f2e" = Mystery of Mortlake Mansion "WTA-ba27115c-db7d-4f39-b9b5-7a6e3f68f734" = Crazy Chicken Kart 2 "WTA-c267681b-e292-45b2-9cbb-45032782fddb" = Jewel Match 3 "WTA-c5a40275-794a-4863-931d-52a304d66790" = John Deere Drive Green "WTA-d305c20a-b0cd-4743-b836-2f937139991f" = Polar Bowler "WTA-d5722912-227c-409e-b380-0798f182839a" = Wedding Dash "WTA-d927ec1a-0590-4e91-b489-a8bdfee3ec0e" = Zuma Deluxe "WTA-f2ae3808-b5dd-45bc-bbf3-2a5b64a0c2a8" = Bejeweled 2 Deluxe "WTA-f2f91c67-1cec-4593-9ff6-500782c0058d" = Chuzzle Deluxe ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.05.2013 04:53:18 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 28.05.2013 14:14:16 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.41.0, Zeitstempel: 0x4d907469 Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5ede31d2 ID des fehlerhaften Prozesses: 0x1170 Startzeit der fehlerhaften Anwendung: 0x01ce59254d2ac2aa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe Pfad des fehlerhaften Moduls: netprofm.dll Berichtskennung: 67c07cc3-c7c2-11e2-afc0-88ae1d8f7d7e Error - 29.05.2013 15:32:18 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 30.05.2013 16:01:28 | Computer Name = AnneLiese-PC | Source = MsiInstaller | ID = 11609 Description = Error - 30.05.2013 16:02:38 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 30.05.2013 17:25:04 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9789 ID des fehlerhaften Prozesses: 0x1464 Startzeit der fehlerhaften Anwendung: 0x01ce5d748c674799 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: 645ad8b2-c96f-11e2-936a-88ae1d8f7d7e Error - 31.05.2013 15:55:05 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 01.06.2013 04:12:39 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 03.06.2013 06:12:02 | Computer Name = AnneLiese-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.41.0, Zeitstempel: 0x4d907469 Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5d192505 ID des fehlerhaften Prozesses: 0x11ec Startzeit der fehlerhaften Anwendung: 0x01ce5e9fc83a0707 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe Pfad des fehlerhaften Moduls: netprofm.dll Berichtskennung: 085cb7e6-cc36-11e2-858e-88ae1d8f7d7e Error - 04.06.2013 05:31:28 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = Error - 04.06.2013 13:51:25 | Computer Name = AnneLiese-PC | Source = WinMgmt | ID = 10 Description = [ Cisco AnyConnect Secure Mobility Client Events ] Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108865 Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp Line: 93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File: .\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp Line: 111 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp Line: 57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp Line: 39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:06 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp Line: 1612 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED Error - 05.07.2013 16:15:27 | Computer Name = AnneLiese-PC | Source = acvpnagent | ID = 67108866 Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE Error - 05.07.2013 16:15:30 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108866 Description = Function: XmlPrefMgr::endElement File: .\xml\XmlPrefMgr.cpp Line: 142 Invoked Function: UserPreferences::endElement Return Code: -33554423 (0xFE000009) Description: GLOBAL_ERROR_UNEXPECTED Attempt to set undefined preference <DefaultDomain>. Error - 05.07.2013 16:15:31 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108866 Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 332 Invoked Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine Daten mehr verfügbar. Error - 05.07.2013 16:15:31 | Computer Name = AnneLiese-PC | Source = acvpnui | ID = 67108865 Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line: 1351 NULL object. Cannot establish a connection at this time. [ OSession Events ] Error - 18.05.2013 09:07:13 | Computer Name = AnneLiese-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8744 seconds with 3480 seconds of active time. This session ended with a crash. [ System Events ] Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Multimediaklassenplaner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Benutzerprofildienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:40:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.12.2012 04:41:17 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Shellhardwareerkennung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 18.12.2012 04:42:18 | Computer Name = AnneLiese-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 < End of report > GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - GMER - Rootkit Detector and Remover Rootkit scan 2013-07-06 00:09:26 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB Running: gmer_2.1.19163.exe; Driver: C:\Users\ANNELI~1\AppData\Local\Temp\ugddauoc.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800035f9000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 626 fffff800035f9042 4 bytes [00, 00, 00, 00] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Users\AnneLiese\AppData\Local\Facebook\Update\FacebookUpdate.exe[184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Users\AnneLiese\AppData\Local\Facebook\Update\FacebookUpdate.exe[184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\Launch Manager\LManager.exe[5300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\Launch Manager\LManager.exe[5300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\AVG\AVG2012\avgtray.exe[5392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\AVG\AVG2012\avgtray.exe[5392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[5448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[5448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe[5556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe[5556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 .text C:\Users\AnneLiese\Desktop\Defogger.exe[5596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754b1465 2 bytes [4B, 75] .text C:\Users\AnneLiese\Desktop\Defogger.exe[5596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754b14bb 2 bytes [4B, 75] .text ... * 2 ---- EOF - GMER 2.1 ---- |
05.07.2013, 23:28 | #3 |
/// Malware-holic | Iminent - Deinstallation erfolglos Hiho,
__________________Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
06.07.2013, 08:13 | #4 |
| Iminent - Deinstallation erfolglos Vielen Dank für die schnelle Antwort!!!! 09:11:45.0987 1208 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 09:11:46.0153 1208 ============================================================ 09:11:46.0153 1208 Current date / time: 2013/07/06 09:11:46.0153 09:11:46.0153 1208 SystemInfo: 09:11:46.0153 1208 09:11:46.0154 1208 OS Version: 6.1.7601 ServicePack: 1.0 09:11:46.0154 1208 Product type: Workstation 09:11:46.0154 1208 ComputerName: ANNELIESE-PC 09:11:46.0154 1208 UserName: AnneLiese 09:11:46.0154 1208 Windows directory: C:\Windows 09:11:46.0154 1208 System windows directory: C:\Windows 09:11:46.0154 1208 Running under WOW64 09:11:46.0154 1208 Processor architecture: Intel x64 09:11:46.0154 1208 Number of processors: 4 09:11:46.0154 1208 Page size: 0x1000 09:11:46.0154 1208 Boot type: Normal boot 09:11:46.0154 1208 ============================================================ 09:11:47.0643 1208 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:11:47.0651 1208 ============================================================ 09:11:47.0651 1208 \Device\Harddisk0\DR0: 09:11:47.0651 1208 MBR partitions: 09:11:47.0651 1208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF8800, BlocksNum 0x32000 09:11:47.0651 1208 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2B2A800, BlocksNum 0x1BC28800 09:11:47.0651 1208 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E753000, BlocksNum 0x1BC32800 09:11:47.0651 1208 ============================================================ 09:11:47.0672 1208 C: <-> \Device\Harddisk0\DR0\Partition2 09:11:47.0701 1208 D: <-> \Device\Harddisk0\DR0\Partition3 09:11:47.0701 1208 ============================================================ 09:11:47.0701 1208 Initialize success 09:11:47.0701 1208 ============================================================ 09:11:54.0190 1308 ============================================================ 09:11:54.0190 1308 Scan started 09:11:54.0190 1308 Mode: Manual; 09:11:54.0190 1308 ============================================================ 09:11:54.0666 1308 ================ Scan system memory ======================== 09:11:54.0666 1308 System memory - ok 09:11:54.0666 1308 ================ Scan services ============================= 09:11:54.0874 1308 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 09:11:54.0878 1308 1394ohci - ok 09:11:54.0910 1308 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 09:11:54.0916 1308 ACPI - ok 09:11:54.0937 1308 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 09:11:54.0938 1308 AcpiPmi - ok 09:11:54.0979 1308 [ 5AE65DCD983077278A6173C2872BCA99 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys 09:11:54.0981 1308 acsock - ok 09:11:55.0081 1308 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 09:11:55.0084 1308 AdobeARMservice - ok 09:11:55.0118 1308 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 09:11:55.0126 1308 adp94xx - ok 09:11:55.0169 1308 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 09:11:55.0174 1308 adpahci - ok 09:11:55.0203 1308 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 09:11:55.0206 1308 adpu320 - ok 09:11:55.0231 1308 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:11:55.0232 1308 AeLookupSvc - ok 09:11:55.0273 1308 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 09:11:55.0279 1308 AFD - ok 09:11:55.0317 1308 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 09:11:55.0319 1308 agp440 - ok 09:11:55.0346 1308 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 09:11:55.0348 1308 ALG - ok 09:11:55.0367 1308 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 09:11:55.0368 1308 aliide - ok 09:11:55.0475 1308 ALSysIO - ok 09:11:55.0506 1308 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 09:11:55.0507 1308 amdide - ok 09:11:55.0526 1308 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 09:11:55.0528 1308 AmdK8 - ok 09:11:55.0535 1308 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 09:11:55.0537 1308 AmdPPM - ok 09:11:55.0567 1308 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 09:11:55.0569 1308 amdsata - ok 09:11:55.0594 1308 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 09:11:55.0597 1308 amdsbs - ok 09:11:55.0612 1308 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 09:11:55.0612 1308 amdxata - ok 09:11:55.0636 1308 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 09:11:55.0638 1308 AppID - ok 09:11:55.0658 1308 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 09:11:55.0660 1308 AppIDSvc - ok 09:11:55.0714 1308 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 09:11:55.0715 1308 Appinfo - ok 09:11:55.0760 1308 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:11:55.0762 1308 Apple Mobile Device - ok 09:11:55.0786 1308 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 09:11:55.0788 1308 arc - ok 09:11:55.0803 1308 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 09:11:55.0805 1308 arcsas - ok 09:11:55.0928 1308 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 09:11:55.0950 1308 aspnet_state - ok 09:11:55.0974 1308 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:11:55.0976 1308 AsyncMac - ok 09:11:56.0081 1308 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 09:11:56.0082 1308 atapi - ok 09:11:56.0150 1308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:11:56.0157 1308 AudioEndpointBuilder - ok 09:11:56.0184 1308 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 09:11:56.0191 1308 AudioSrv - ok 09:11:56.0527 1308 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe 09:11:56.0555 1308 AVGIDSAgent - ok 09:11:56.0599 1308 [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys 09:11:56.0601 1308 AVGIDSDriver - ok 09:11:56.0635 1308 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys 09:11:56.0636 1308 AVGIDSFilter - ok 09:11:56.0653 1308 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys 09:11:56.0654 1308 AVGIDSHA - ok 09:11:56.0683 1308 [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys 09:11:56.0687 1308 Avgldx64 - ok 09:11:56.0702 1308 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys 09:11:56.0703 1308 Avgmfx64 - ok 09:11:56.0759 1308 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys 09:11:56.0760 1308 Avgrkx64 - ok 09:11:56.0799 1308 [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys 09:11:56.0803 1308 Avgtdia - ok 09:11:56.0842 1308 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 09:11:56.0845 1308 avgwd - ok 09:11:56.0868 1308 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 09:11:56.0871 1308 AxInstSV - ok 09:11:56.0912 1308 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 09:11:56.0918 1308 b06bdrv - ok 09:11:56.0949 1308 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 09:11:56.0954 1308 b57nd60a - ok 09:11:57.0076 1308 [ 11F844B46B631337395651ABE9C4167B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 09:11:57.0100 1308 BCM43XX - ok 09:11:57.0153 1308 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 09:11:57.0156 1308 BDESVC - ok 09:11:57.0167 1308 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 09:11:57.0168 1308 Beep - ok 09:11:57.0202 1308 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 09:11:57.0211 1308 BFE - ok 09:11:57.0249 1308 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 09:11:57.0264 1308 BITS - ok 09:11:57.0319 1308 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 09:11:57.0321 1308 blbdrive - ok 09:11:57.0369 1308 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 09:11:57.0372 1308 Bonjour Service - ok 09:11:57.0401 1308 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:11:57.0402 1308 bowser - ok 09:11:57.0417 1308 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 09:11:57.0418 1308 BrFiltLo - ok 09:11:57.0424 1308 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 09:11:57.0425 1308 BrFiltUp - ok 09:11:57.0463 1308 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 09:11:57.0465 1308 Browser - ok 09:11:57.0473 1308 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 09:11:57.0476 1308 Brserid - ok 09:11:57.0481 1308 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 09:11:57.0482 1308 BrSerWdm - ok 09:11:57.0486 1308 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 09:11:57.0487 1308 BrUsbMdm - ok 09:11:57.0491 1308 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 09:11:57.0493 1308 BrUsbSer - ok 09:11:57.0518 1308 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 09:11:57.0520 1308 BTHMODEM - ok 09:11:57.0564 1308 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 09:11:57.0566 1308 bthserv - ok 09:11:57.0587 1308 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:11:57.0589 1308 cdfs - ok 09:11:57.0634 1308 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 09:11:57.0637 1308 cdrom - ok 09:11:57.0662 1308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 09:11:57.0665 1308 CertPropSvc - ok 09:11:57.0680 1308 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 09:11:57.0682 1308 circlass - ok 09:11:57.0699 1308 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 09:11:57.0704 1308 CLFS - ok 09:11:57.0785 1308 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:11:57.0787 1308 clr_optimization_v2.0.50727_32 - ok 09:11:57.0811 1308 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 09:11:57.0814 1308 clr_optimization_v2.0.50727_64 - ok 09:11:57.0882 1308 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:11:57.0945 1308 clr_optimization_v4.0.30319_32 - ok 09:11:57.0971 1308 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 09:11:57.0974 1308 clr_optimization_v4.0.30319_64 - ok 09:11:58.0003 1308 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:11:58.0004 1308 CmBatt - ok 09:11:58.0014 1308 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:11:58.0016 1308 cmdide - ok 09:11:58.0072 1308 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 09:11:58.0079 1308 CNG - ok 09:11:58.0124 1308 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 09:11:58.0125 1308 Compbatt - ok 09:11:58.0147 1308 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 09:11:58.0149 1308 CompositeBus - ok 09:11:58.0162 1308 COMSysApp - ok 09:11:58.0182 1308 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 09:11:58.0183 1308 crcdisk - ok 09:11:58.0255 1308 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 09:11:58.0257 1308 CryptSvc - ok 09:11:58.0678 1308 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 09:11:58.0690 1308 cvhsvc - ok 09:11:58.0731 1308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 09:11:58.0739 1308 DcomLaunch - ok 09:11:58.0767 1308 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 09:11:58.0773 1308 defragsvc - ok 09:11:58.0796 1308 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 09:11:58.0798 1308 DfsC - ok 09:11:58.0819 1308 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 09:11:58.0823 1308 Dhcp - ok 09:11:58.0842 1308 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 09:11:58.0843 1308 discache - ok 09:11:58.0878 1308 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 09:11:58.0880 1308 Disk - ok 09:11:58.0955 1308 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 09:11:58.0958 1308 Dnscache - ok 09:11:59.0045 1308 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 09:11:59.0050 1308 dot3svc - ok 09:11:59.0066 1308 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 09:11:59.0068 1308 DPS - ok 09:11:59.0091 1308 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 09:11:59.0092 1308 drmkaud - ok 09:11:59.0132 1308 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 09:11:59.0135 1308 DsiWMIService - ok 09:11:59.0188 1308 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 09:11:59.0198 1308 DXGKrnl - ok 09:11:59.0288 1308 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 09:11:59.0290 1308 E1G60 - ok 09:11:59.0341 1308 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 09:11:59.0343 1308 EapHost - ok 09:11:59.0427 1308 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 09:11:59.0509 1308 ebdrv - ok 09:11:59.0559 1308 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 09:11:59.0561 1308 EFS - ok 09:11:59.0596 1308 [ 18DD872DD46ACB24E106DC2C9C270466 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 09:11:59.0600 1308 EgisTec Ticket Service - ok 09:11:59.0665 1308 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 09:11:59.0681 1308 ehRecvr - ok 09:11:59.0717 1308 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 09:11:59.0720 1308 ehSched - ok 09:11:59.0831 1308 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 09:11:59.0839 1308 elxstor - ok 09:11:59.0953 1308 [ 2AEE0416C54A1A86D035366DE192B2F0 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 09:11:59.0961 1308 ePowerSvc - ok 09:11:59.0993 1308 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:11:59.0994 1308 ErrDev - ok 09:12:00.0042 1308 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 09:12:00.0046 1308 EventSystem - ok 09:12:00.0072 1308 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 09:12:00.0075 1308 exfat - ok 09:12:00.0093 1308 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:12:00.0095 1308 fastfat - ok 09:12:00.0124 1308 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 09:12:00.0134 1308 Fax - ok 09:12:00.0163 1308 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 09:12:00.0165 1308 fdc - ok 09:12:00.0176 1308 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 09:12:00.0179 1308 fdPHost - ok 09:12:00.0188 1308 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 09:12:00.0191 1308 FDResPub - ok 09:12:00.0203 1308 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:12:00.0204 1308 FileInfo - ok 09:12:00.0214 1308 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:12:00.0216 1308 Filetrace - ok 09:12:00.0249 1308 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:12:00.0258 1308 FLEXnet Licensing Service - ok 09:12:00.0264 1308 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 09:12:00.0265 1308 flpydisk - ok 09:12:00.0304 1308 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:12:00.0307 1308 FltMgr - ok 09:12:00.0374 1308 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 09:12:00.0385 1308 FontCache - ok 09:12:00.0478 1308 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 09:12:00.0481 1308 FontCache3.0.0.0 - ok 09:12:00.0492 1308 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 09:12:00.0494 1308 FsDepends - ok 09:12:00.0512 1308 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:12:00.0513 1308 Fs_Rec - ok 09:12:00.0545 1308 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 09:12:00.0550 1308 fvevol - ok 09:12:00.0573 1308 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 09:12:00.0574 1308 gagp30kx - ok 09:12:00.0634 1308 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 09:12:00.0638 1308 GamesAppService - ok 09:12:00.0678 1308 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 09:12:00.0680 1308 GEARAspiWDM - ok 09:12:00.0726 1308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 09:12:00.0733 1308 gpsvc - ok 09:12:00.0772 1308 [ 84E58FEA8B1A7537696A20C59CB9B0C9 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 09:12:00.0773 1308 GREGService - ok 09:12:00.0876 1308 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:12:00.0878 1308 gupdate - ok 09:12:00.0897 1308 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:12:00.0898 1308 gupdatem - ok 09:12:00.0943 1308 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 09:12:00.0947 1308 gusvc - ok 09:12:00.0992 1308 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 09:12:00.0994 1308 hamachi - ok 09:12:01.0015 1308 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 09:12:01.0016 1308 hcw85cir - ok 09:12:01.0051 1308 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 09:12:01.0056 1308 HdAudAddService - ok 09:12:01.0084 1308 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 09:12:01.0086 1308 HDAudBus - ok 09:12:01.0100 1308 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 09:12:01.0101 1308 HECIx64 - ok 09:12:01.0118 1308 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 09:12:01.0119 1308 HidBatt - ok 09:12:01.0125 1308 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 09:12:01.0128 1308 HidBth - ok 09:12:01.0144 1308 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 09:12:01.0146 1308 HidIr - ok 09:12:01.0175 1308 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 09:12:01.0177 1308 hidserv - ok 09:12:01.0192 1308 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 09:12:01.0193 1308 HidUsb - ok 09:12:01.0227 1308 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:12:01.0230 1308 hkmsvc - ok 09:12:01.0256 1308 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 09:12:01.0261 1308 HomeGroupListener - ok 09:12:01.0275 1308 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 09:12:01.0278 1308 HomeGroupProvider - ok 09:12:01.0304 1308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 09:12:01.0306 1308 HpSAMD - ok 09:12:01.0343 1308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:12:01.0350 1308 HTTP - ok 09:12:01.0366 1308 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 09:12:01.0367 1308 hwpolicy - ok 09:12:01.0391 1308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 09:12:01.0393 1308 i8042prt - ok 09:12:01.0419 1308 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:12:01.0421 1308 iaStor - ok 09:12:01.0473 1308 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 09:12:01.0474 1308 IAStorDataMgrSvc - ok 09:12:01.0505 1308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 09:12:01.0511 1308 iaStorV - ok 09:12:01.0594 1308 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 09:12:01.0614 1308 idsvc - ok 09:12:01.0626 1308 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 09:12:01.0627 1308 iirsp - ok 09:12:01.0660 1308 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 09:12:01.0679 1308 IKEEXT - ok 09:12:01.0726 1308 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 09:12:01.0729 1308 Impcd - ok 09:12:01.0829 1308 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 09:12:01.0850 1308 IntcAzAudAddService - ok 09:12:01.0867 1308 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 09:12:01.0868 1308 intelide - ok 09:12:01.0910 1308 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:12:01.0911 1308 intelppm - ok 09:12:01.0938 1308 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:12:01.0942 1308 IPBusEnum - ok 09:12:01.0954 1308 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:12:01.0956 1308 IpFilterDriver - ok 09:12:02.0006 1308 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:12:02.0016 1308 iphlpsvc - ok 09:12:02.0028 1308 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 09:12:02.0030 1308 IPMIDRV - ok 09:12:02.0048 1308 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 09:12:02.0050 1308 IPNAT - ok 09:12:02.0091 1308 [ D38469601B72D2DA4F847FC642174E21 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:12:02.0107 1308 iPod Service - ok 09:12:02.0131 1308 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:12:02.0132 1308 IRENUM - ok 09:12:02.0137 1308 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:12:02.0138 1308 isapnp - ok 09:12:02.0156 1308 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 09:12:02.0160 1308 iScsiPrt - ok 09:12:02.0189 1308 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 09:12:02.0193 1308 k57nd60a - ok 09:12:02.0212 1308 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 09:12:02.0213 1308 kbdclass - ok 09:12:02.0238 1308 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 09:12:02.0239 1308 kbdhid - ok 09:12:02.0260 1308 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 09:12:02.0262 1308 KeyIso - ok 09:12:02.0305 1308 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:12:02.0307 1308 KSecDD - ok 09:12:02.0322 1308 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 09:12:02.0324 1308 KSecPkg - ok 09:12:02.0342 1308 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 09:12:02.0343 1308 ksthunk - ok 09:12:02.0366 1308 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 09:12:02.0372 1308 KtmRm - ok 09:12:02.0421 1308 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 09:12:02.0426 1308 LanmanServer - ok 09:12:02.0441 1308 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:12:02.0445 1308 LanmanWorkstation - ok 09:12:02.0495 1308 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 09:12:02.0498 1308 Live Updater Service - ok 09:12:02.0526 1308 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:12:02.0527 1308 lltdio - ok 09:12:02.0552 1308 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:12:02.0557 1308 lltdsvc - ok 09:12:02.0579 1308 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:12:02.0580 1308 lmhosts - ok 09:12:02.0626 1308 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 09:12:02.0628 1308 LMS - ok 09:12:02.0659 1308 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 09:12:02.0661 1308 LSI_FC - ok 09:12:02.0689 1308 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 09:12:02.0691 1308 LSI_SAS - ok 09:12:02.0696 1308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 09:12:02.0698 1308 LSI_SAS2 - ok 09:12:02.0706 1308 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 09:12:02.0709 1308 LSI_SCSI - ok 09:12:02.0719 1308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 09:12:02.0720 1308 luafv - ok 09:12:02.0737 1308 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:12:02.0740 1308 Mcx2Svc - ok 09:12:02.0746 1308 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 09:12:02.0747 1308 megasas - ok 09:12:02.0775 1308 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 09:12:02.0780 1308 MegaSR - ok 09:12:02.0810 1308 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 09:12:02.0812 1308 MMCSS - ok 09:12:02.0836 1308 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 09:12:02.0837 1308 Modem - ok 09:12:02.0861 1308 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:12:02.0862 1308 monitor - ok 09:12:02.0884 1308 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:12:02.0885 1308 mouclass - ok 09:12:02.0898 1308 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:12:02.0899 1308 mouhid - ok 09:12:02.0934 1308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:12:02.0936 1308 mountmgr - ok 09:12:02.0992 1308 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 09:12:02.0995 1308 MozillaMaintenance - ok 09:12:03.0017 1308 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 09:12:03.0020 1308 mpio - ok 09:12:03.0037 1308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:12:03.0038 1308 mpsdrv - ok 09:12:03.0074 1308 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:12:03.0082 1308 MpsSvc - ok 09:12:03.0088 1308 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:12:03.0092 1308 MRxDAV - ok 09:12:03.0134 1308 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:12:03.0136 1308 mrxsmb - ok 09:12:03.0170 1308 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:12:03.0174 1308 mrxsmb10 - ok 09:12:03.0192 1308 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:12:03.0194 1308 mrxsmb20 - ok 09:12:03.0211 1308 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 09:12:03.0213 1308 msahci - ok 09:12:03.0232 1308 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:12:03.0235 1308 msdsm - ok 09:12:03.0259 1308 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 09:12:03.0263 1308 MSDTC - ok 09:12:03.0298 1308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:12:03.0299 1308 Msfs - ok 09:12:03.0316 1308 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:12:03.0317 1308 mshidkmdf - ok 09:12:03.0328 1308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:12:03.0329 1308 msisadrv - ok 09:12:03.0355 1308 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:12:03.0360 1308 MSiSCSI - ok 09:12:03.0365 1308 msiserver - ok 09:12:03.0387 1308 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:12:03.0388 1308 MSKSSRV - ok 09:12:03.0405 1308 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:12:03.0406 1308 MSPCLOCK - ok 09:12:03.0411 1308 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:12:03.0412 1308 MSPQM - ok 09:12:03.0437 1308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:12:03.0442 1308 MsRPC - ok 09:12:03.0451 1308 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:12:03.0452 1308 mssmbios - ok 09:12:03.0517 1308 MSSQL$SQLEXPRESS - ok 09:12:03.0599 1308 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 09:12:03.0601 1308 MSSQLServerADHelper100 - ok 09:12:03.0620 1308 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:12:03.0621 1308 MSTEE - ok 09:12:03.0636 1308 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 09:12:03.0638 1308 MTConfig - ok 09:12:03.0657 1308 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 09:12:03.0658 1308 Mup - ok 09:12:03.0665 1308 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 09:12:03.0666 1308 mwlPSDFilter - ok 09:12:03.0691 1308 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 09:12:03.0692 1308 mwlPSDNServ - ok 09:12:03.0700 1308 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 09:12:03.0701 1308 mwlPSDVDisk - ok 09:12:03.0725 1308 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 09:12:03.0732 1308 napagent - ok 09:12:03.0757 1308 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:12:03.0760 1308 NativeWifiP - ok 09:12:03.0879 1308 [ 2989174DF02E0AEF54BAE90674FB445F ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 09:12:03.0888 1308 NAUpdate - ok 09:12:03.0919 1308 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 09:12:03.0938 1308 NDIS - ok 09:12:03.0959 1308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:12:03.0961 1308 NdisCap - ok 09:12:03.0979 1308 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:12:03.0981 1308 NdisTapi - ok 09:12:03.0997 1308 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:12:03.0999 1308 Ndisuio - ok 09:12:04.0018 1308 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:12:04.0022 1308 NdisWan - ok 09:12:04.0039 1308 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:12:04.0041 1308 NDProxy - ok 09:12:04.0051 1308 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:12:04.0052 1308 NetBIOS - ok 09:12:04.0072 1308 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:12:04.0076 1308 NetBT - ok 09:12:04.0098 1308 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 09:12:04.0099 1308 Netlogon - ok 09:12:04.0134 1308 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 09:12:04.0140 1308 Netman - ok 09:12:04.0177 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:12:04.0200 1308 NetMsmqActivator - ok 09:12:04.0207 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:12:04.0209 1308 NetPipeActivator - ok 09:12:04.0240 1308 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 09:12:04.0263 1308 netprofm - ok 09:12:04.0273 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:12:04.0275 1308 NetTcpActivator - ok 09:12:04.0280 1308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:12:04.0282 1308 NetTcpPortSharing - ok 09:12:04.0315 1308 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 09:12:04.0317 1308 nfrd960 - ok 09:12:04.0347 1308 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:12:04.0353 1308 NlaSvc - ok 09:12:04.0446 1308 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 09:12:04.0515 1308 NOBU - ok 09:12:04.0522 1308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:12:04.0523 1308 Npfs - ok 09:12:04.0535 1308 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 09:12:04.0536 1308 nsi - ok 09:12:04.0542 1308 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:12:04.0543 1308 nsiproxy - ok 09:12:04.0601 1308 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:12:04.0635 1308 Ntfs - ok 09:12:04.0680 1308 [ 874C6BEB44845D56D5F6B01ABE409E9C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:12:04.0684 1308 NTI IScheduleSvc - ok 09:12:04.0695 1308 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 09:12:04.0696 1308 NTIDrvr - ok 09:12:04.0712 1308 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 09:12:04.0714 1308 Null - ok 09:12:04.0963 1308 [ 73DC184AF4D2ADDC41B37344636D2CC7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 09:12:05.0021 1308 nvlddmkm - ok 09:12:05.0044 1308 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:12:05.0046 1308 nvraid - ok 09:12:05.0051 1308 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:12:05.0053 1308 nvstor - ok 09:12:05.0102 1308 [ 6D1056430AFC72A6097409A70A716C15 ] NVSvc C:\Windows\system32\nvvsvc.exe 09:12:05.0113 1308 NVSvc - ok 09:12:05.0120 1308 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:12:05.0122 1308 nv_agp - ok 09:12:05.0211 1308 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:12:05.0218 1308 odserv - ok 09:12:05.0233 1308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:12:05.0235 1308 ohci1394 - ok 09:12:05.0272 1308 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:12:05.0276 1308 ose - ok 09:12:05.0408 1308 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:12:05.0509 1308 osppsvc - ok 09:12:05.0536 1308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:12:05.0540 1308 p2pimsvc - ok 09:12:05.0562 1308 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 09:12:05.0567 1308 p2psvc - ok 09:12:05.0604 1308 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 09:12:05.0606 1308 Parport - ok 09:12:05.0634 1308 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:12:05.0635 1308 partmgr - ok 09:12:05.0653 1308 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 09:12:05.0655 1308 PcaSvc - ok 09:12:05.0674 1308 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 09:12:05.0676 1308 pci - ok 09:12:05.0681 1308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 09:12:05.0682 1308 pciide - ok 09:12:05.0706 1308 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 09:12:05.0709 1308 pcmcia - ok 09:12:05.0719 1308 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 09:12:05.0720 1308 pcw - ok 09:12:05.0742 1308 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:12:05.0751 1308 PEAUTH - ok 09:12:05.0817 1308 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:12:05.0820 1308 PerfHost - ok 09:12:05.0878 1308 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 09:12:05.0913 1308 pla - ok 09:12:05.0964 1308 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:12:05.0969 1308 PlugPlay - ok 09:12:05.0982 1308 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:12:05.0985 1308 PNRPAutoReg - ok 09:12:06.0012 1308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:12:06.0016 1308 PNRPsvc - ok 09:12:06.0056 1308 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:12:06.0063 1308 PolicyAgent - ok 09:12:06.0076 1308 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 09:12:06.0079 1308 Power - ok 09:12:06.0121 1308 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:12:06.0124 1308 PptpMiniport - ok 09:12:06.0134 1308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 09:12:06.0136 1308 Processor - ok 09:12:06.0160 1308 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 09:12:06.0163 1308 ProfSvc - ok 09:12:06.0179 1308 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:12:06.0180 1308 ProtectedStorage - ok 09:12:06.0201 1308 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:12:06.0204 1308 Psched - ok 09:12:06.0245 1308 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 09:12:06.0279 1308 ql2300 - ok 09:12:06.0285 1308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 09:12:06.0287 1308 ql40xx - ok 09:12:06.0312 1308 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 09:12:06.0318 1308 QWAVE - ok 09:12:06.0331 1308 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:12:06.0333 1308 QWAVEdrv - ok 09:12:06.0343 1308 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:12:06.0345 1308 RasAcd - ok 09:12:06.0387 1308 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:12:06.0388 1308 RasAgileVpn - ok 09:12:06.0401 1308 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 09:12:06.0405 1308 RasAuto - ok 09:12:06.0421 1308 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:12:06.0424 1308 Rasl2tp - ok 09:12:06.0441 1308 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 09:12:06.0447 1308 RasMan - ok 09:12:06.0459 1308 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:12:06.0461 1308 RasPppoe - ok 09:12:06.0474 1308 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:12:06.0476 1308 RasSstp - ok 09:12:06.0505 1308 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:12:06.0510 1308 rdbss - ok 09:12:06.0523 1308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 09:12:06.0525 1308 rdpbus - ok 09:12:06.0545 1308 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:12:06.0546 1308 RDPCDD - ok 09:12:06.0562 1308 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:12:06.0563 1308 RDPENCDD - ok 09:12:06.0588 1308 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:12:06.0589 1308 RDPREFMP - ok 09:12:06.0623 1308 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:12:06.0626 1308 RDPWD - ok 09:12:06.0655 1308 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 09:12:06.0658 1308 rdyboost - ok 09:12:06.0681 1308 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:12:06.0684 1308 RemoteAccess - ok 09:12:06.0709 1308 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:12:06.0714 1308 RemoteRegistry - ok 09:12:06.0734 1308 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 09:12:06.0737 1308 RpcEptMapper - ok 09:12:06.0758 1308 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 09:12:06.0760 1308 RpcLocator - ok 09:12:06.0778 1308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 09:12:06.0784 1308 RpcSs - ok 09:12:06.0819 1308 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 09:12:06.0823 1308 RsFx0103 - ok 09:12:06.0858 1308 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:12:06.0860 1308 rspndr - ok 09:12:06.0886 1308 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 09:12:06.0890 1308 RSUSBSTOR - ok 09:12:06.0909 1308 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 09:12:06.0911 1308 SamSs - ok 09:12:06.0923 1308 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:12:06.0925 1308 sbp2port - ok 09:12:06.0957 1308 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:12:06.0962 1308 SCardSvr - ok 09:12:06.0976 1308 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 09:12:06.0977 1308 scfilter - ok 09:12:07.0025 1308 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 09:12:07.0035 1308 Schedule - ok 09:12:07.0060 1308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 09:12:07.0061 1308 SCPolicySvc - ok 09:12:07.0076 1308 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:12:07.0080 1308 SDRSVC - ok 09:12:07.0102 1308 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:12:07.0103 1308 secdrv - ok 09:12:07.0117 1308 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 09:12:07.0120 1308 seclogon - ok 09:12:07.0130 1308 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 09:12:07.0132 1308 SENS - ok 09:12:07.0136 1308 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 09:12:07.0139 1308 SensrSvc - ok 09:12:07.0149 1308 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 09:12:07.0150 1308 Serenum - ok 09:12:07.0179 1308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 09:12:07.0181 1308 Serial - ok 09:12:07.0197 1308 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 09:12:07.0198 1308 sermouse - ok 09:12:07.0220 1308 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 09:12:07.0224 1308 SessionEnv - ok 09:12:07.0227 1308 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:12:07.0229 1308 sffdisk - ok 09:12:07.0233 1308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:12:07.0234 1308 sffp_mmc - ok 09:12:07.0238 1308 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:12:07.0239 1308 sffp_sd - ok 09:12:07.0256 1308 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 09:12:07.0257 1308 sfloppy - ok 09:12:07.0309 1308 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 09:12:07.0315 1308 Sftfs - ok 09:12:07.0360 1308 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 09:12:07.0367 1308 sftlist - ok 09:12:07.0385 1308 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 09:12:07.0388 1308 Sftplay - ok 09:12:07.0401 1308 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 09:12:07.0402 1308 Sftredir - ok 09:12:07.0420 1308 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 09:12:07.0421 1308 Sftvol - ok 09:12:07.0435 1308 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 09:12:07.0438 1308 sftvsa - ok 09:12:07.0479 1308 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:12:07.0485 1308 SharedAccess - ok 09:12:07.0511 1308 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:12:07.0516 1308 ShellHWDetection - ok 09:12:07.0531 1308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 09:12:07.0533 1308 SiSRaid2 - ok 09:12:07.0550 1308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 09:12:07.0552 1308 SiSRaid4 - ok 09:12:07.0703 1308 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 09:12:07.0768 1308 Skype C2C Service - ok 09:12:07.0838 1308 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:12:07.0841 1308 SkypeUpdate - ok 09:12:07.0869 1308 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:12:07.0871 1308 Smb - ok 09:12:07.0900 1308 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:12:07.0902 1308 SNMPTRAP - ok 09:12:07.0924 1308 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 09:12:07.0925 1308 spldr - ok 09:12:07.0955 1308 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 09:12:07.0961 1308 Spooler - ok 09:12:08.0040 1308 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 09:12:08.0107 1308 sppsvc - ok 09:12:08.0116 1308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 09:12:08.0119 1308 sppuinotify - ok 09:12:08.0169 1308 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 09:12:08.0174 1308 SQLAgent$SQLEXPRESS - ok 09:12:08.0250 1308 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 09:12:08.0255 1308 SQLBrowser - ok 09:12:08.0329 1308 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 09:12:08.0332 1308 SQLWriter - ok 09:12:08.0367 1308 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 09:12:08.0374 1308 srv - ok 09:12:08.0383 1308 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:12:08.0390 1308 srv2 - ok 09:12:08.0436 1308 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:12:08.0439 1308 srvnet - ok 09:12:08.0463 1308 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:12:08.0467 1308 SSDPSRV - ok 09:12:08.0476 1308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:12:08.0479 1308 SstpSvc - ok 09:12:08.0521 1308 Steam Client Service - ok 09:12:08.0543 1308 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 09:12:08.0544 1308 stexstor - ok 09:12:08.0591 1308 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 09:12:08.0601 1308 stisvc - ok 09:12:08.0651 1308 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 09:12:08.0652 1308 swenum - ok 09:12:08.0687 1308 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 09:12:08.0696 1308 swprv - ok 09:12:08.0740 1308 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 09:12:08.0744 1308 SynTP - ok 09:12:08.0788 1308 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 09:12:08.0834 1308 SysMain - ok 09:12:08.0845 1308 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:12:08.0849 1308 TabletInputService - ok 09:12:08.0867 1308 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 09:12:08.0873 1308 TapiSrv - ok 09:12:08.0890 1308 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 09:12:08.0894 1308 TBS - ok 09:12:08.0969 1308 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:12:08.0986 1308 Tcpip - ok 09:12:09.0047 1308 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 09:12:09.0066 1308 TCPIP6 - ok 09:12:09.0093 1308 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:12:09.0094 1308 tcpipreg - ok 09:12:09.0113 1308 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:12:09.0114 1308 TDPIPE - ok 09:12:09.0124 1308 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:12:09.0125 1308 TDTCP - ok 09:12:09.0137 1308 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:12:09.0139 1308 tdx - ok 09:12:09.0161 1308 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 09:12:09.0162 1308 TermDD - ok 09:12:09.0194 1308 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 09:12:09.0202 1308 TermService - ok 09:12:09.0218 1308 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 09:12:09.0219 1308 Themes - ok 09:12:09.0241 1308 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 09:12:09.0242 1308 THREADORDER - ok 09:12:09.0257 1308 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 09:12:09.0260 1308 TrkWks - ok 09:12:09.0297 1308 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:12:09.0301 1308 TrustedInstaller - ok 09:12:09.0316 1308 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:12:09.0317 1308 tssecsrv - ok 09:12:09.0348 1308 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 09:12:09.0350 1308 TsUsbFlt - ok 09:12:09.0360 1308 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 09:12:09.0361 1308 TsUsbGD - ok 09:12:09.0391 1308 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:12:09.0394 1308 tunnel - ok 09:12:09.0412 1308 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 09:12:09.0413 1308 TurboB - ok 09:12:09.0461 1308 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 09:12:09.0464 1308 TurboBoost - ok 09:12:09.0475 1308 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 09:12:09.0477 1308 uagp35 - ok 09:12:09.0487 1308 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 09:12:09.0488 1308 UBHelper - ok 09:12:09.0507 1308 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:12:09.0512 1308 udfs - ok 09:12:09.0538 1308 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:12:09.0541 1308 UI0Detect - ok 09:12:09.0561 1308 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:12:09.0563 1308 uliagpkx - ok 09:12:09.0585 1308 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:12:09.0587 1308 umbus - ok 09:12:09.0592 1308 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 09:12:09.0594 1308 UmPass - ok 09:12:09.0687 1308 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 09:12:09.0742 1308 UNS - ok 09:12:09.0791 1308 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 09:12:09.0798 1308 upnphost - ok 09:12:09.0834 1308 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 09:12:09.0836 1308 USBAAPL64 - ok 09:12:09.0852 1308 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:12:09.0854 1308 usbccgp - ok 09:12:09.0867 1308 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:12:09.0870 1308 usbcir - ok 09:12:09.0883 1308 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 09:12:09.0884 1308 usbehci - ok 09:12:09.0902 1308 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:12:09.0907 1308 usbhub - ok 09:12:09.0924 1308 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:12:09.0926 1308 usbohci - ok 09:12:09.0950 1308 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 09:12:09.0952 1308 usbprint - ok 09:12:09.0985 1308 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 09:12:09.0986 1308 usbscan - ok 09:12:10.0005 1308 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:12:10.0008 1308 USBSTOR - ok 09:12:10.0024 1308 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 09:12:10.0026 1308 usbuhci - ok 09:12:10.0075 1308 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 09:12:10.0079 1308 usbvideo - ok 09:12:10.0104 1308 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 09:12:10.0107 1308 UxSms - ok 09:12:10.0112 1308 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 09:12:10.0114 1308 VaultSvc - ok 09:12:10.0125 1308 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 09:12:10.0126 1308 vdrvroot - ok 09:12:10.0154 1308 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 09:12:10.0163 1308 vds - ok 09:12:10.0210 1308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 09:12:10.0212 1308 vga - ok 09:12:10.0227 1308 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 09:12:10.0228 1308 VgaSave - ok 09:12:10.0242 1308 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 09:12:10.0246 1308 vhdmp - ok 09:12:10.0251 1308 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 09:12:10.0253 1308 viaide - ok 09:12:10.0273 1308 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 09:12:10.0275 1308 volmgr - ok 09:12:10.0295 1308 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 09:12:10.0300 1308 volmgrx - ok 09:12:10.0322 1308 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 09:12:10.0326 1308 volsnap - ok 09:12:10.0379 1308 [ 4D8FC912E146DE0115392381C7114588 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 09:12:10.0385 1308 vpnagent - ok 09:12:10.0409 1308 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys 09:12:10.0410 1308 vpnva - ok 09:12:10.0453 1308 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 09:12:10.0456 1308 vsmraid - ok 09:12:10.0513 1308 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 09:12:10.0558 1308 VSS - ok 09:12:10.0593 1308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 09:12:10.0595 1308 vwifibus - ok 09:12:10.0605 1308 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 09:12:10.0608 1308 vwififlt - ok 09:12:10.0633 1308 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 09:12:10.0640 1308 W32Time - ok 09:12:10.0698 1308 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 09:12:10.0700 1308 WacomPen - ok 09:12:10.0734 1308 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 09:12:10.0736 1308 WANARP - ok 09:12:10.0747 1308 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 09:12:10.0748 1308 Wanarpv6 - ok 09:12:10.0819 1308 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 09:12:10.0853 1308 WatAdminSvc - ok 09:12:10.0900 1308 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 09:12:10.0936 1308 wbengine - ok 09:12:10.0954 1308 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 09:12:10.0960 1308 WbioSrvc - ok 09:12:10.0987 1308 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 09:12:10.0994 1308 wcncsvc - ok 09:12:11.0008 1308 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 09:12:11.0012 1308 WcsPlugInService - ok 09:12:11.0034 1308 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 09:12:11.0035 1308 Wd - ok 09:12:11.0065 1308 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 09:12:11.0074 1308 Wdf01000 - ok 09:12:11.0087 1308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 09:12:11.0090 1308 WdiServiceHost - ok 09:12:11.0094 1308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 09:12:11.0096 1308 WdiSystemHost - ok 09:12:11.0107 1308 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 09:12:11.0111 1308 WebClient - ok 09:12:11.0126 1308 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 09:12:11.0131 1308 Wecsvc - ok 09:12:11.0148 1308 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 09:12:11.0151 1308 wercplsupport - ok 09:12:11.0162 1308 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 09:12:11.0165 1308 WerSvc - ok 09:12:11.0190 1308 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 09:12:11.0191 1308 WfpLwf - ok 09:12:11.0204 1308 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 09:12:11.0205 1308 WIMMount - ok 09:12:11.0231 1308 WinDefend - ok 09:12:11.0237 1308 WinHttpAutoProxySvc - ok 09:12:11.0300 1308 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 09:12:11.0304 1308 Winmgmt - ok 09:12:11.0369 1308 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 09:12:11.0415 1308 WinRM - ok 09:12:11.0483 1308 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 09:12:11.0484 1308 WinUsb - ok 09:12:11.0532 1308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 09:12:11.0541 1308 Wlansvc - ok 09:12:11.0575 1308 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 09:12:11.0577 1308 wlcrasvc - ok 09:12:11.0665 1308 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:12:11.0752 1308 wlidsvc - ok 09:12:11.0783 1308 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 09:12:11.0784 1308 WmiAcpi - ok 09:12:11.0817 1308 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 09:12:11.0821 1308 wmiApSrv - ok 09:12:11.0830 1308 WMPNetworkSvc - ok 09:12:11.0846 1308 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 09:12:11.0849 1308 WPCSvc - ok 09:12:11.0863 1308 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 09:12:11.0867 1308 WPDBusEnum - ok 09:12:11.0872 1308 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 09:12:11.0873 1308 ws2ifsl - ok 09:12:11.0890 1308 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 09:12:11.0894 1308 wscsvc - ok 09:12:11.0898 1308 WSearch - ok 09:12:11.0979 1308 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 09:12:12.0033 1308 wuauserv - ok 09:12:12.0048 1308 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 09:12:12.0049 1308 WudfPf - ok 09:12:12.0072 1308 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 09:12:12.0074 1308 WUDFRd - ok 09:12:12.0085 1308 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 09:12:12.0087 1308 wudfsvc - ok 09:12:12.0110 1308 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 09:12:12.0114 1308 WwanSvc - ok 09:12:12.0123 1308 ================ Scan global =============================== 09:12:12.0140 1308 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 09:12:12.0182 1308 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 09:12:12.0192 1308 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 09:12:12.0218 1308 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 09:12:12.0253 1308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 09:12:12.0257 1308 [Global] - ok 09:12:12.0258 1308 ================ Scan MBR ================================== 09:12:12.0274 1308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 09:12:12.0515 1308 \Device\Harddisk0\DR0 - ok 09:12:12.0516 1308 ================ Scan VBR ================================== 09:12:12.0520 1308 [ 2B3BCD70BE766C39A5C54E65001C0C35 ] \Device\Harddisk0\DR0\Partition1 09:12:12.0522 1308 \Device\Harddisk0\DR0\Partition1 - ok 09:12:12.0533 1308 [ 775D6077BF29377E28951C537D4C201B ] \Device\Harddisk0\DR0\Partition2 09:12:12.0536 1308 \Device\Harddisk0\DR0\Partition2 - ok 09:12:12.0554 1308 [ 7ED3757200281A38591CAE0914555A40 ] \Device\Harddisk0\DR0\Partition3 09:12:12.0556 1308 \Device\Harddisk0\DR0\Partition3 - ok 09:12:12.0557 1308 ============================================================ 09:12:12.0557 1308 Scan finished 09:12:12.0557 1308 ============================================================ 09:12:12.0573 5824 Detected object count: 0 09:12:12.0573 5824 Actual detected object count: 0 |
06.07.2013, 12:36 | #5 |
/// Malware-holic | Iminent - Deinstallation erfolglos Bitte noch mal nach Anleitung konfigurieren, und ausführen, Log posten.b
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 12:57 | #6 |
| Iminent - Deinstallation erfolglos 13:53:42.0145 1748 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 13:53:42.0353 1748 ============================================================ 13:53:42.0353 1748 Current date / time: 2013/07/06 13:53:42.0353 13:53:42.0353 1748 SystemInfo: 13:53:42.0353 1748 13:53:42.0353 1748 OS Version: 6.1.7601 ServicePack: 1.0 13:53:42.0353 1748 Product type: Workstation 13:53:42.0354 1748 ComputerName: ANNELIESE-PC 13:53:42.0354 1748 UserName: AnneLiese 13:53:42.0354 1748 Windows directory: C:\Windows 13:53:42.0354 1748 System windows directory: C:\Windows 13:53:42.0354 1748 Running under WOW64 13:53:42.0354 1748 Processor architecture: Intel x64 13:53:42.0354 1748 Number of processors: 4 13:53:42.0354 1748 Page size: 0x1000 13:53:42.0354 1748 Boot type: Normal boot 13:53:42.0354 1748 ============================================================ 13:53:42.0789 1748 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:53:42.0799 1748 ============================================================ 13:53:42.0800 1748 \Device\Harddisk0\DR0: 13:53:42.0800 1748 MBR partitions: 13:53:42.0800 1748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF8800, BlocksNum 0x32000 13:53:42.0800 1748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2B2A800, BlocksNum 0x1BC28800 13:53:42.0800 1748 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E753000, BlocksNum 0x1BC32800 13:53:42.0800 1748 ============================================================ 13:53:42.0818 1748 C: <-> \Device\Harddisk0\DR0\Partition2 13:53:42.0847 1748 D: <-> \Device\Harddisk0\DR0\Partition3 13:53:42.0847 1748 ============================================================ 13:53:42.0847 1748 Initialize success 13:53:42.0848 1748 ============================================================ 13:53:52.0605 2748 ============================================================ 13:53:52.0605 2748 Scan started 13:53:52.0605 2748 Mode: Manual; SigCheck; TDLFS; 13:53:52.0605 2748 ============================================================ 13:53:53.0332 2748 ================ Scan system memory ======================== 13:53:53.0332 2748 System memory - ok 13:53:53.0333 2748 ================ Scan services ============================= 13:53:53.0541 2748 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 13:53:53.0629 2748 1394ohci - ok 13:53:53.0664 2748 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 13:53:53.0680 2748 ACPI - ok 13:53:53.0714 2748 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 13:53:53.0746 2748 AcpiPmi - ok 13:53:53.0811 2748 [ 5AE65DCD983077278A6173C2872BCA99 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys 13:53:53.0858 2748 acsock - ok 13:53:53.0958 2748 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:53:53.0975 2748 AdobeARMservice - ok 13:53:54.0016 2748 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:53:54.0051 2748 adp94xx - ok 13:53:54.0089 2748 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:53:54.0110 2748 adpahci - ok 13:53:54.0116 2748 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:53:54.0133 2748 adpu320 - ok 13:53:54.0162 2748 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:53:54.0268 2748 AeLookupSvc - ok 13:53:54.0313 2748 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 13:53:54.0353 2748 AFD - ok 13:53:54.0392 2748 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:53:54.0407 2748 agp440 - ok 13:53:54.0432 2748 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 13:53:54.0488 2748 ALG - ok 13:53:54.0525 2748 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 13:53:54.0539 2748 aliide - ok 13:53:54.0638 2748 ALSysIO - ok 13:53:54.0669 2748 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 13:53:54.0685 2748 amdide - ok 13:53:54.0701 2748 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:53:54.0743 2748 AmdK8 - ok 13:53:54.0748 2748 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 13:53:54.0814 2748 AmdPPM - ok 13:53:54.0844 2748 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 13:53:54.0858 2748 amdsata - ok 13:53:54.0876 2748 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 13:53:54.0889 2748 amdsbs - ok 13:53:54.0908 2748 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 13:53:54.0918 2748 amdxata - ok 13:53:54.0936 2748 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 13:53:54.0987 2748 AppID - ok 13:53:55.0032 2748 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:53:55.0104 2748 AppIDSvc - ok 13:53:55.0143 2748 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 13:53:55.0179 2748 Appinfo - ok 13:53:55.0234 2748 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:53:55.0244 2748 Apple Mobile Device - ok 13:53:55.0281 2748 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 13:53:55.0296 2748 arc - ok 13:53:55.0331 2748 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:53:55.0345 2748 arcsas - ok 13:53:55.0501 2748 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 13:53:55.0517 2748 aspnet_state - ok 13:53:55.0537 2748 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:53:55.0588 2748 AsyncMac - ok 13:53:55.0698 2748 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 13:53:55.0720 2748 atapi - ok 13:53:55.0777 2748 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:53:55.0842 2748 AudioEndpointBuilder - ok 13:53:55.0888 2748 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:53:55.0928 2748 AudioSrv - ok 13:53:56.0120 2748 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe 13:53:56.0297 2748 AVGIDSAgent - ok 13:53:56.0338 2748 [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys 13:53:56.0375 2748 AVGIDSDriver - ok 13:53:56.0429 2748 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys 13:53:56.0438 2748 AVGIDSFilter - ok 13:53:56.0447 2748 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys 13:53:56.0457 2748 AVGIDSHA - ok 13:53:56.0512 2748 [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys 13:53:56.0538 2748 Avgldx64 - ok 13:53:56.0585 2748 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys 13:53:56.0596 2748 Avgmfx64 - ok 13:53:56.0641 2748 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys 13:53:56.0652 2748 Avgrkx64 - ok 13:53:56.0694 2748 [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys 13:53:56.0722 2748 Avgtdia - ok 13:53:56.0769 2748 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 13:53:56.0782 2748 avgwd - ok 13:53:56.0806 2748 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:53:56.0858 2748 AxInstSV - ok 13:53:56.0916 2748 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 13:53:56.0952 2748 b06bdrv - ok 13:53:56.0975 2748 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 13:53:57.0008 2748 b57nd60a - ok 13:53:57.0140 2748 [ 11F844B46B631337395651ABE9C4167B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 13:53:57.0215 2748 BCM43XX - ok 13:53:57.0257 2748 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 13:53:57.0298 2748 BDESVC - ok 13:53:57.0304 2748 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 13:53:57.0364 2748 Beep - ok 13:53:57.0438 2748 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 13:53:57.0497 2748 BFE - ok 13:53:57.0530 2748 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 13:53:57.0595 2748 BITS - ok 13:53:57.0634 2748 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 13:53:57.0653 2748 blbdrive - ok 13:53:57.0705 2748 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 13:53:57.0720 2748 Bonjour Service - ok 13:53:57.0737 2748 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:53:57.0774 2748 bowser - ok 13:53:57.0787 2748 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 13:53:57.0810 2748 BrFiltLo - ok 13:53:57.0814 2748 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 13:53:57.0832 2748 BrFiltUp - ok 13:53:57.0866 2748 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 13:53:57.0881 2748 Browser - ok 13:53:57.0897 2748 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:53:57.0949 2748 Brserid - ok 13:53:57.0954 2748 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:53:57.0981 2748 BrSerWdm - ok 13:53:57.0984 2748 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:53:58.0007 2748 BrUsbMdm - ok 13:53:58.0010 2748 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:53:58.0027 2748 BrUsbSer - ok 13:53:58.0032 2748 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:53:58.0064 2748 BTHMODEM - ok 13:53:58.0100 2748 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 13:53:58.0156 2748 bthserv - ok 13:53:58.0178 2748 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:53:58.0245 2748 cdfs - ok 13:53:58.0281 2748 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:53:58.0309 2748 cdrom - ok 13:53:58.0320 2748 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 13:53:58.0373 2748 CertPropSvc - ok 13:53:58.0393 2748 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 13:53:58.0421 2748 circlass - ok 13:53:58.0433 2748 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 13:53:58.0449 2748 CLFS - ok 13:53:58.0498 2748 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:53:58.0525 2748 clr_optimization_v2.0.50727_32 - ok 13:53:58.0557 2748 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:53:58.0568 2748 clr_optimization_v2.0.50727_64 - ok 13:53:58.0639 2748 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:53:58.0653 2748 clr_optimization_v4.0.30319_32 - ok 13:53:58.0662 2748 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:53:58.0675 2748 clr_optimization_v4.0.30319_64 - ok 13:53:58.0705 2748 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:53:58.0723 2748 CmBatt - ok 13:53:58.0739 2748 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:53:58.0750 2748 cmdide - ok 13:53:58.0797 2748 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 13:53:58.0841 2748 CNG - ok 13:53:58.0859 2748 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 13:53:58.0871 2748 Compbatt - ok 13:53:58.0884 2748 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 13:53:58.0914 2748 CompositeBus - ok 13:53:58.0930 2748 COMSysApp - ok 13:53:58.0940 2748 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:53:58.0953 2748 crcdisk - ok 13:53:59.0012 2748 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:53:59.0046 2748 CryptSvc - ok 13:53:59.0114 2748 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 13:53:59.0152 2748 cvhsvc - ok 13:53:59.0178 2748 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:53:59.0232 2748 DcomLaunch - ok 13:53:59.0259 2748 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:53:59.0307 2748 defragsvc - ok 13:53:59.0322 2748 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:53:59.0368 2748 DfsC - ok 13:53:59.0389 2748 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 13:53:59.0454 2748 Dhcp - ok 13:53:59.0478 2748 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:53:59.0524 2748 discache - ok 13:53:59.0559 2748 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 13:53:59.0571 2748 Disk - ok 13:53:59.0591 2748 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:53:59.0635 2748 Dnscache - ok 13:53:59.0648 2748 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:53:59.0701 2748 dot3svc - ok 13:53:59.0735 2748 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 13:53:59.0791 2748 DPS - ok 13:53:59.0816 2748 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:53:59.0854 2748 drmkaud - ok 13:53:59.0890 2748 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 13:53:59.0905 2748 DsiWMIService - ok 13:53:59.0955 2748 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:53:59.0986 2748 DXGKrnl - ok 13:54:00.0012 2748 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 13:54:00.0041 2748 E1G60 - ok 13:54:00.0077 2748 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:54:00.0136 2748 EapHost - ok 13:54:00.0196 2748 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 13:54:00.0307 2748 ebdrv - ok 13:54:00.0329 2748 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 13:54:00.0363 2748 EFS - ok 13:54:00.0399 2748 [ 18DD872DD46ACB24E106DC2C9C270466 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 13:54:00.0447 2748 EgisTec Ticket Service - ok 13:54:00.0512 2748 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:54:00.0580 2748 ehRecvr - ok 13:54:00.0608 2748 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:54:00.0630 2748 ehSched - ok 13:54:00.0677 2748 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:54:00.0705 2748 elxstor - ok 13:54:00.0778 2748 [ 2AEE0416C54A1A86D035366DE192B2F0 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 13:54:00.0810 2748 ePowerSvc - ok 13:54:00.0814 2748 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:54:00.0840 2748 ErrDev - ok 13:54:00.0888 2748 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:54:00.0943 2748 EventSystem - ok 13:54:00.0962 2748 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:54:00.0999 2748 exfat - ok 13:54:01.0017 2748 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:54:01.0068 2748 fastfat - ok 13:54:01.0105 2748 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 13:54:01.0166 2748 Fax - ok 13:54:01.0198 2748 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 13:54:01.0229 2748 fdc - ok 13:54:01.0256 2748 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:54:01.0313 2748 fdPHost - ok 13:54:01.0323 2748 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:54:01.0357 2748 FDResPub - ok 13:54:01.0382 2748 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:54:01.0393 2748 FileInfo - ok 13:54:01.0415 2748 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:54:01.0469 2748 Filetrace - ok 13:54:01.0493 2748 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:54:01.0522 2748 FLEXnet Licensing Service - ok 13:54:01.0555 2748 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 13:54:01.0569 2748 flpydisk - ok 13:54:01.0593 2748 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:54:01.0606 2748 FltMgr - ok 13:54:01.0659 2748 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 13:54:01.0692 2748 FontCache - ok 13:54:01.0734 2748 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:54:01.0754 2748 FontCache3.0.0.0 - ok 13:54:01.0771 2748 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:54:01.0787 2748 FsDepends - ok 13:54:01.0813 2748 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:54:01.0828 2748 Fs_Rec - ok 13:54:01.0857 2748 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:54:01.0880 2748 fvevol - ok 13:54:01.0907 2748 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:54:01.0921 2748 gagp30kx - ok 13:54:01.0979 2748 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 13:54:02.0010 2748 GamesAppService - ok 13:54:02.0046 2748 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:54:02.0079 2748 GEARAspiWDM - ok 13:54:02.0125 2748 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 13:54:02.0180 2748 gpsvc - ok 13:54:02.0217 2748 [ 84E58FEA8B1A7537696A20C59CB9B0C9 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 13:54:02.0237 2748 GREGService ( UnsignedFile.Multi.Generic ) - warning 13:54:02.0237 2748 GREGService - detected UnsignedFile.Multi.Generic (1) 13:54:02.0331 2748 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:54:02.0350 2748 gupdate - ok 13:54:02.0375 2748 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:54:02.0387 2748 gupdatem - ok 13:54:02.0432 2748 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 13:54:02.0447 2748 gusvc - ok 13:54:02.0493 2748 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 13:54:02.0506 2748 hamachi - ok 13:54:02.0537 2748 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:54:02.0584 2748 hcw85cir - ok 13:54:02.0617 2748 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:54:02.0648 2748 HdAudAddService - ok 13:54:02.0672 2748 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:54:02.0696 2748 HDAudBus - ok 13:54:02.0711 2748 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 13:54:02.0720 2748 HECIx64 - ok 13:54:02.0728 2748 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:54:02.0752 2748 HidBatt - ok 13:54:02.0756 2748 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:54:02.0783 2748 HidBth - ok 13:54:02.0799 2748 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 13:54:02.0814 2748 HidIr - ok 13:54:02.0841 2748 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 13:54:02.0888 2748 hidserv - ok 13:54:02.0902 2748 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:54:02.0914 2748 HidUsb - ok 13:54:02.0937 2748 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:54:02.0993 2748 hkmsvc - ok 13:54:03.0021 2748 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:54:03.0059 2748 HomeGroupListener - ok 13:54:03.0085 2748 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:54:03.0108 2748 HomeGroupProvider - ok 13:54:03.0136 2748 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:54:03.0150 2748 HpSAMD - ok 13:54:03.0184 2748 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:54:03.0246 2748 HTTP - ok 13:54:03.0265 2748 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:54:03.0275 2748 hwpolicy - ok 13:54:03.0301 2748 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:54:03.0314 2748 i8042prt - ok 13:54:03.0352 2748 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 13:54:03.0383 2748 iaStor - ok 13:54:03.0438 2748 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 13:54:03.0454 2748 IAStorDataMgrSvc - ok 13:54:03.0492 2748 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:54:03.0523 2748 iaStorV - ok 13:54:03.0567 2748 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:54:03.0602 2748 idsvc - ok 13:54:03.0613 2748 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:54:03.0626 2748 iirsp - ok 13:54:03.0655 2748 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 13:54:03.0720 2748 IKEEXT - ok 13:54:03.0768 2748 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 13:54:03.0814 2748 Impcd - ok 13:54:03.0907 2748 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:54:04.0040 2748 IntcAzAudAddService - ok 13:54:04.0054 2748 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 13:54:04.0064 2748 intelide - ok 13:54:04.0096 2748 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:54:04.0124 2748 intelppm - ok 13:54:04.0158 2748 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:54:04.0208 2748 IPBusEnum - ok 13:54:04.0217 2748 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:54:04.0252 2748 IpFilterDriver - ok 13:54:04.0279 2748 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:54:04.0333 2748 iphlpsvc - ok 13:54:04.0347 2748 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:54:04.0359 2748 IPMIDRV - ok 13:54:04.0389 2748 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:54:04.0426 2748 IPNAT - ok 13:54:04.0466 2748 [ D38469601B72D2DA4F847FC642174E21 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:54:04.0518 2748 iPod Service - ok 13:54:04.0539 2748 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:54:04.0560 2748 IRENUM - ok 13:54:04.0572 2748 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:54:04.0585 2748 isapnp - ok 13:54:04.0596 2748 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:54:04.0612 2748 iScsiPrt - ok 13:54:04.0640 2748 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 13:54:04.0656 2748 k57nd60a - ok 13:54:04.0664 2748 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:54:04.0675 2748 kbdclass - ok 13:54:04.0690 2748 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:54:04.0710 2748 kbdhid - ok 13:54:04.0723 2748 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 13:54:04.0734 2748 KeyIso - ok 13:54:04.0779 2748 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:54:04.0792 2748 KSecDD - ok 13:54:04.0806 2748 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:54:04.0820 2748 KSecPkg - ok 13:54:04.0827 2748 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:54:04.0876 2748 ksthunk - ok 13:54:04.0894 2748 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:54:04.0946 2748 KtmRm - ok 13:54:04.0983 2748 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:54:05.0032 2748 LanmanServer - ok 13:54:05.0059 2748 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:54:05.0108 2748 LanmanWorkstation - ok 13:54:05.0157 2748 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 13:54:05.0180 2748 Live Updater Service - ok 13:54:05.0210 2748 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:54:05.0253 2748 lltdio - ok 13:54:05.0279 2748 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:54:05.0333 2748 lltdsvc - ok 13:54:05.0340 2748 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:54:05.0385 2748 lmhosts - ok 13:54:05.0409 2748 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 13:54:05.0424 2748 LMS - ok 13:54:05.0443 2748 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:54:05.0457 2748 LSI_FC - ok 13:54:05.0484 2748 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:54:05.0499 2748 LSI_SAS - ok 13:54:05.0503 2748 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:54:05.0516 2748 LSI_SAS2 - ok 13:54:05.0522 2748 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:54:05.0538 2748 LSI_SCSI - ok 13:54:05.0547 2748 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:54:05.0599 2748 luafv - ok 13:54:05.0621 2748 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:54:05.0640 2748 Mcx2Svc - ok 13:54:05.0645 2748 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 13:54:05.0656 2748 megasas - ok 13:54:05.0670 2748 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:54:05.0685 2748 MegaSR - ok 13:54:05.0704 2748 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:54:05.0741 2748 MMCSS - ok 13:54:05.0753 2748 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:54:05.0815 2748 Modem - ok 13:54:05.0833 2748 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:54:05.0862 2748 monitor - ok 13:54:05.0879 2748 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:54:05.0891 2748 mouclass - ok 13:54:05.0915 2748 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:54:05.0944 2748 mouhid - ok 13:54:05.0961 2748 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:54:05.0977 2748 mountmgr - ok 13:54:06.0031 2748 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:54:06.0053 2748 MozillaMaintenance - ok 13:54:06.0067 2748 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:54:06.0084 2748 mpio - ok 13:54:06.0097 2748 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:54:06.0136 2748 mpsdrv - ok 13:54:06.0165 2748 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:54:06.0225 2748 MpsSvc - ok 13:54:06.0230 2748 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:54:06.0263 2748 MRxDAV - ok 13:54:06.0273 2748 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:54:06.0300 2748 mrxsmb - ok 13:54:06.0330 2748 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:54:06.0346 2748 mrxsmb10 - ok 13:54:06.0374 2748 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:54:06.0388 2748 mrxsmb20 - ok 13:54:06.0405 2748 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:54:06.0416 2748 msahci - ok 13:54:06.0436 2748 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:54:06.0449 2748 msdsm - ok 13:54:06.0463 2748 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:54:06.0478 2748 MSDTC - ok 13:54:06.0502 2748 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:54:06.0537 2748 Msfs - ok 13:54:06.0543 2748 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:54:06.0610 2748 mshidkmdf - ok 13:54:06.0621 2748 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:54:06.0632 2748 msisadrv - ok 13:54:06.0659 2748 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:54:06.0714 2748 MSiSCSI - ok 13:54:06.0719 2748 msiserver - ok 13:54:06.0735 2748 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:54:06.0780 2748 MSKSSRV - ok 13:54:06.0831 2748 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:54:06.0912 2748 MSPCLOCK - ok 13:54:06.0936 2748 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:54:06.0977 2748 MSPQM - ok 13:54:06.0995 2748 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:54:07.0011 2748 MsRPC - ok 13:54:07.0030 2748 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:54:07.0041 2748 mssmbios - ok 13:54:07.0109 2748 MSSQL$SQLEXPRESS - ok 13:54:07.0191 2748 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 13:54:07.0227 2748 MSSQLServerADHelper100 - ok 13:54:07.0245 2748 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:54:07.0306 2748 MSTEE - ok 13:54:07.0317 2748 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:54:07.0330 2748 MTConfig - ok 13:54:07.0348 2748 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:54:07.0362 2748 Mup - ok 13:54:07.0368 2748 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 13:54:07.0379 2748 mwlPSDFilter - ok 13:54:07.0394 2748 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 13:54:07.0405 2748 mwlPSDNServ - ok 13:54:07.0409 2748 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 13:54:07.0420 2748 mwlPSDVDisk - ok 13:54:07.0449 2748 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:54:07.0506 2748 napagent - ok 13:54:07.0536 2748 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:54:07.0565 2748 NativeWifiP - ok 13:54:07.0681 2748 [ 2989174DF02E0AEF54BAE90674FB445F ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 13:54:07.0712 2748 NAUpdate - ok 13:54:07.0741 2748 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 13:54:07.0777 2748 NDIS - ok 13:54:07.0795 2748 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:54:07.0841 2748 NdisCap - ok 13:54:07.0859 2748 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:54:07.0896 2748 NdisTapi - ok 13:54:07.0910 2748 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:54:07.0946 2748 Ndisuio - ok 13:54:07.0964 2748 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:54:08.0005 2748 NdisWan - ok 13:54:08.0019 2748 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:54:08.0053 2748 NDProxy - ok 13:54:08.0063 2748 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:54:08.0110 2748 NetBIOS - ok 13:54:08.0129 2748 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:54:08.0166 2748 NetBT - ok 13:54:08.0177 2748 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:54:08.0188 2748 Netlogon - ok 13:54:08.0234 2748 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:54:08.0310 2748 Netman - ok 13:54:08.0377 2748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:54:08.0389 2748 NetMsmqActivator - ok 13:54:08.0393 2748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:54:08.0403 2748 NetPipeActivator - ok 13:54:08.0429 2748 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:54:08.0489 2748 netprofm - ok 13:54:08.0507 2748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:54:08.0517 2748 NetTcpActivator - ok 13:54:08.0521 2748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:54:08.0531 2748 NetTcpPortSharing - ok 13:54:08.0560 2748 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:54:08.0572 2748 nfrd960 - ok 13:54:08.0592 2748 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:54:08.0644 2748 NlaSvc - ok 13:54:08.0726 2748 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 13:54:08.0824 2748 NOBU - ok 13:54:08.0834 2748 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:54:08.0870 2748 Npfs - ok 13:54:08.0880 2748 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:54:08.0916 2748 nsi - ok 13:54:08.0931 2748 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:54:08.0977 2748 nsiproxy - ok 13:54:09.0042 2748 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:54:09.0123 2748 Ntfs - ok 13:54:09.0169 2748 [ 874C6BEB44845D56D5F6B01ABE409E9C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 13:54:09.0198 2748 NTI IScheduleSvc - ok 13:54:09.0206 2748 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 13:54:09.0216 2748 NTIDrvr - ok 13:54:09.0223 2748 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:54:09.0258 2748 Null - ok 13:54:09.0613 2748 [ 73DC184AF4D2ADDC41B37344636D2CC7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:54:10.0033 2748 nvlddmkm - ok 13:54:10.0064 2748 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:54:10.0077 2748 nvraid - ok 13:54:10.0085 2748 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:54:10.0099 2748 nvstor - ok 13:54:10.0152 2748 [ 6D1056430AFC72A6097409A70A716C15 ] NVSvc C:\Windows\system32\nvvsvc.exe 13:54:10.0183 2748 NVSvc - ok 13:54:10.0188 2748 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:54:10.0202 2748 nv_agp - ok 13:54:10.0297 2748 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:54:10.0340 2748 odserv - ok 13:54:10.0344 2748 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:54:10.0372 2748 ohci1394 - ok 13:54:10.0414 2748 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:54:10.0426 2748 ose - ok 13:54:10.0558 2748 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:54:10.0706 2748 osppsvc - ok 13:54:10.0733 2748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:54:10.0765 2748 p2pimsvc - ok 13:54:10.0781 2748 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:54:10.0802 2748 p2psvc - ok 13:54:10.0845 2748 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 13:54:10.0871 2748 Parport - ok 13:54:10.0897 2748 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:54:10.0911 2748 partmgr - ok 13:54:10.0927 2748 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:54:10.0960 2748 PcaSvc - ok 13:54:10.0970 2748 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:54:10.0985 2748 pci - ok 13:54:10.0988 2748 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:54:11.0000 2748 pciide - ok 13:54:11.0013 2748 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:54:11.0027 2748 pcmcia - ok 13:54:11.0038 2748 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:54:11.0050 2748 pcw - ok 13:54:11.0071 2748 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:54:11.0123 2748 PEAUTH - ok 13:54:11.0192 2748 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:54:11.0224 2748 PerfHost - ok 13:54:11.0270 2748 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:54:11.0363 2748 pla - ok 13:54:11.0392 2748 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:54:11.0415 2748 PlugPlay - ok 13:54:11.0433 2748 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:54:11.0452 2748 PNRPAutoReg - ok 13:54:11.0474 2748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:54:11.0490 2748 PNRPsvc - ok 13:54:11.0517 2748 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:54:11.0562 2748 PolicyAgent - ok 13:54:11.0572 2748 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:54:11.0615 2748 Power - ok 13:54:11.0639 2748 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:54:11.0682 2748 PptpMiniport - ok 13:54:11.0697 2748 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 13:54:11.0718 2748 Processor - ok 13:54:11.0744 2748 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 13:54:11.0797 2748 ProfSvc - ok 13:54:11.0808 2748 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:54:11.0820 2748 ProtectedStorage - ok 13:54:11.0841 2748 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:54:11.0878 2748 Psched - ok 13:54:11.0925 2748 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:54:11.0988 2748 ql2300 - ok 13:54:11.0993 2748 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:54:12.0006 2748 ql40xx - ok 13:54:12.0040 2748 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:54:12.0061 2748 QWAVE - ok 13:54:12.0070 2748 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:54:12.0099 2748 QWAVEdrv - ok 13:54:12.0116 2748 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:54:12.0158 2748 RasAcd - ok 13:54:12.0193 2748 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:54:12.0241 2748 RasAgileVpn - ok 13:54:12.0251 2748 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:54:12.0294 2748 RasAuto - ok 13:54:12.0304 2748 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:54:12.0355 2748 Rasl2tp - ok 13:54:12.0368 2748 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:54:12.0408 2748 RasMan - ok 13:54:12.0420 2748 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:54:12.0468 2748 RasPppoe - ok 13:54:12.0491 2748 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:54:12.0542 2748 RasSstp - ok 13:54:12.0565 2748 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:54:12.0609 2748 rdbss - ok 13:54:12.0617 2748 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:54:12.0632 2748 rdpbus - ok 13:54:12.0650 2748 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:54:12.0684 2748 RDPCDD - ok 13:54:12.0700 2748 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:54:12.0748 2748 RDPENCDD - ok 13:54:12.0770 2748 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:54:12.0806 2748 RDPREFMP - ok 13:54:12.0838 2748 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:54:12.0851 2748 RDPWD - ok 13:54:12.0893 2748 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:54:12.0919 2748 rdyboost - ok 13:54:12.0940 2748 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:54:12.0992 2748 RemoteAccess - ok 13:54:13.0024 2748 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:54:13.0069 2748 RemoteRegistry - ok 13:54:13.0083 2748 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:54:13.0125 2748 RpcEptMapper - ok 13:54:13.0151 2748 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:54:13.0176 2748 RpcLocator - ok 13:54:13.0192 2748 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:54:13.0234 2748 RpcSs - ok 13:54:13.0266 2748 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 13:54:13.0281 2748 RsFx0103 - ok 13:54:13.0295 2748 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:54:13.0345 2748 rspndr - ok 13:54:13.0389 2748 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 13:54:13.0430 2748 RSUSBSTOR - ok 13:54:13.0446 2748 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:54:13.0461 2748 SamSs - ok 13:54:13.0482 2748 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:54:13.0497 2748 sbp2port - ok 13:54:13.0538 2748 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:54:13.0579 2748 SCardSvr - ok 13:54:13.0590 2748 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:54:13.0640 2748 scfilter - ok 13:54:13.0669 2748 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:54:13.0740 2748 Schedule - ok 13:54:13.0762 2748 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:54:13.0797 2748 SCPolicySvc - ok 13:54:13.0812 2748 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:54:13.0847 2748 SDRSVC - ok 13:54:13.0871 2748 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:54:13.0922 2748 secdrv - ok 13:54:13.0931 2748 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:54:13.0966 2748 seclogon - ok 13:54:13.0977 2748 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:54:14.0024 2748 SENS - ok 13:54:14.0055 2748 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:54:14.0086 2748 SensrSvc - ok 13:54:14.0117 2748 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 13:54:14.0135 2748 Serenum - ok 13:54:14.0147 2748 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 13:54:14.0162 2748 Serial - ok 13:54:14.0179 2748 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:54:14.0193 2748 sermouse - ok 13:54:14.0211 2748 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:54:14.0253 2748 SessionEnv - ok 13:54:14.0257 2748 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:54:14.0279 2748 sffdisk - ok 13:54:14.0283 2748 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:54:14.0298 2748 sffp_mmc - ok 13:54:14.0302 2748 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:54:14.0323 2748 sffp_sd - ok 13:54:14.0335 2748 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:54:14.0352 2748 sfloppy - ok 13:54:14.0407 2748 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 13:54:14.0432 2748 Sftfs - ok 13:54:14.0471 2748 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 13:54:14.0491 2748 sftlist - ok 13:54:14.0553 2748 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 13:54:14.0575 2748 Sftplay - ok 13:54:14.0591 2748 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 13:54:14.0601 2748 Sftredir - ok 13:54:14.0610 2748 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 13:54:14.0620 2748 Sftvol - ok 13:54:14.0635 2748 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 13:54:14.0648 2748 sftvsa - ok 13:54:14.0679 2748 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:54:14.0734 2748 SharedAccess - ok 13:54:14.0755 2748 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:54:14.0801 2748 ShellHWDetection - ok 13:54:14.0821 2748 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:54:14.0833 2748 SiSRaid2 - ok 13:54:14.0851 2748 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:54:14.0864 2748 SiSRaid4 - ok 13:54:15.0001 2748 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 13:54:15.0111 2748 Skype C2C Service - ok 13:54:15.0183 2748 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:54:15.0205 2748 SkypeUpdate - ok 13:54:15.0236 2748 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:54:15.0296 2748 Smb - ok 13:54:15.0333 2748 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:54:15.0364 2748 SNMPTRAP - ok 13:54:15.0390 2748 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:54:15.0404 2748 spldr - ok 13:54:15.0431 2748 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 13:54:15.0478 2748 Spooler - ok 13:54:15.0552 2748 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:54:15.0711 2748 sppsvc - ok 13:54:15.0726 2748 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:54:15.0764 2748 sppuinotify - ok 13:54:15.0815 2748 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 13:54:15.0846 2748 SQLAgent$SQLEXPRESS - ok 13:54:15.0905 2748 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 13:54:15.0933 2748 SQLBrowser - ok 13:54:16.0006 2748 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 13:54:16.0029 2748 SQLWriter - ok 13:54:16.0064 2748 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:54:16.0091 2748 srv - ok 13:54:16.0114 2748 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:54:16.0144 2748 srv2 - ok 13:54:16.0157 2748 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:54:16.0171 2748 srvnet - ok 13:54:16.0205 2748 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:54:16.0251 2748 SSDPSRV - ok 13:54:16.0264 2748 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:54:16.0301 2748 SstpSvc - ok 13:54:16.0342 2748 Steam Client Service - ok 13:54:16.0374 2748 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:54:16.0391 2748 stexstor - ok 13:54:16.0433 2748 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:54:16.0487 2748 stisvc - ok 13:54:16.0494 2748 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 13:54:16.0505 2748 swenum - ok 13:54:16.0528 2748 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:54:16.0582 2748 swprv - ok 13:54:16.0616 2748 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:54:16.0631 2748 SynTP - ok 13:54:16.0671 2748 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:54:16.0746 2748 SysMain - ok 13:54:16.0766 2748 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:54:16.0786 2748 TabletInputService - ok 13:54:16.0798 2748 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:54:16.0837 2748 TapiSrv - ok 13:54:16.0844 2748 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:54:16.0891 2748 TBS - ok 13:54:16.0950 2748 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:54:17.0013 2748 Tcpip - ok 13:54:17.0043 2748 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:54:17.0081 2748 TCPIP6 - ok 13:54:17.0102 2748 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:54:17.0148 2748 tcpipreg - ok 13:54:17.0167 2748 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:54:17.0192 2748 TDPIPE - ok 13:54:17.0212 2748 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:54:17.0222 2748 TDTCP - ok 13:54:17.0236 2748 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:54:17.0270 2748 tdx - ok 13:54:17.0292 2748 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:54:17.0303 2748 TermDD - ok 13:54:17.0337 2748 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:54:17.0389 2748 TermService - ok 13:54:17.0405 2748 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:54:17.0423 2748 Themes - ok 13:54:17.0450 2748 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:54:17.0485 2748 THREADORDER - ok 13:54:17.0499 2748 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:54:17.0541 2748 TrkWks - ok 13:54:17.0583 2748 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:54:17.0625 2748 TrustedInstaller - ok 13:54:17.0636 2748 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:54:17.0676 2748 tssecsrv - ok 13:54:17.0690 2748 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:54:17.0717 2748 TsUsbFlt - ok 13:54:17.0735 2748 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 13:54:17.0746 2748 TsUsbGD - ok 13:54:17.0766 2748 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:54:17.0812 2748 tunnel - ok 13:54:17.0831 2748 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 13:54:17.0841 2748 TurboB - ok 13:54:17.0891 2748 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 13:54:17.0958 2748 TurboBoost - ok 13:54:17.0962 2748 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:54:17.0973 2748 uagp35 - ok 13:54:17.0983 2748 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 13:54:17.0992 2748 UBHelper - ok 13:54:18.0014 2748 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:54:18.0067 2748 udfs - ok 13:54:18.0090 2748 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:54:18.0104 2748 UI0Detect - ok 13:54:18.0113 2748 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:54:18.0126 2748 uliagpkx - ok 13:54:18.0149 2748 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:54:18.0175 2748 umbus - ok 13:54:18.0178 2748 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 13:54:18.0194 2748 UmPass - ok 13:54:18.0293 2748 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:54:18.0378 2748 UNS - ok 13:54:18.0409 2748 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:54:18.0458 2748 upnphost - ok 13:54:18.0486 2748 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:54:18.0523 2748 USBAAPL64 - ok 13:54:18.0548 2748 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:54:18.0564 2748 usbccgp - ok 13:54:18.0597 2748 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:54:18.0615 2748 usbcir - ok 13:54:18.0634 2748 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:54:18.0653 2748 usbehci - ok 13:54:18.0674 2748 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:54:18.0693 2748 usbhub - ok 13:54:18.0709 2748 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:54:18.0727 2748 usbohci - ok 13:54:18.0757 2748 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:54:18.0781 2748 usbprint - ok 13:54:18.0803 2748 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:54:18.0857 2748 usbscan - ok 13:54:18.0867 2748 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:54:18.0892 2748 USBSTOR - ok 13:54:18.0909 2748 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:54:18.0936 2748 usbuhci - ok 13:54:18.0970 2748 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:54:18.0992 2748 usbvideo - ok 13:54:19.0011 2748 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:54:19.0058 2748 UxSms - ok 13:54:19.0063 2748 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:54:19.0076 2748 VaultSvc - ok 13:54:19.0087 2748 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:54:19.0098 2748 vdrvroot - ok 13:54:19.0114 2748 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:54:19.0169 2748 vds - ok 13:54:19.0205 2748 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:54:19.0220 2748 vga - ok 13:54:19.0233 2748 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:54:19.0283 2748 VgaSave - ok 13:54:19.0292 2748 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:54:19.0306 2748 vhdmp - ok 13:54:19.0310 2748 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:54:19.0320 2748 viaide - ok 13:54:19.0334 2748 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:54:19.0346 2748 volmgr - ok 13:54:19.0366 2748 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:54:19.0383 2748 volmgrx - ok 13:54:19.0404 2748 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:54:19.0420 2748 volsnap - ok 13:54:19.0474 2748 [ 4D8FC912E146DE0115392381C7114588 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 13:54:19.0551 2748 vpnagent - ok 13:54:19.0570 2748 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys 13:54:19.0581 2748 vpnva - ok 13:54:19.0614 2748 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:54:19.0628 2748 vsmraid - ok 13:54:19.0687 2748 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:54:19.0795 2748 VSS - ok 13:54:19.0809 2748 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:54:19.0838 2748 vwifibus - ok 13:54:19.0855 2748 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:54:19.0888 2748 vwififlt - ok 13:54:19.0904 2748 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:54:19.0945 2748 W32Time - ok 13:54:19.0959 2748 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:54:19.0986 2748 WacomPen - ok 13:54:20.0016 2748 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:54:20.0058 2748 WANARP - ok 13:54:20.0073 2748 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:54:20.0108 2748 Wanarpv6 - ok 13:54:20.0179 2748 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 13:54:20.0270 2748 WatAdminSvc - ok 13:54:20.0312 2748 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:54:20.0388 2748 wbengine - ok 13:54:20.0413 2748 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:54:20.0436 2748 WbioSrvc - ok 13:54:20.0457 2748 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:54:20.0485 2748 wcncsvc - ok 13:54:20.0502 2748 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:54:20.0529 2748 WcsPlugInService - ok 13:54:20.0550 2748 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 13:54:20.0561 2748 Wd - ok 13:54:20.0579 2748 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:54:20.0602 2748 Wdf01000 - ok 13:54:20.0613 2748 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:54:20.0692 2748 WdiServiceHost - ok 13:54:20.0696 2748 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:54:20.0719 2748 WdiSystemHost - ok 13:54:20.0733 2748 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:54:20.0766 2748 WebClient - ok 13:54:20.0785 2748 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:54:20.0839 2748 Wecsvc - ok 13:54:20.0852 2748 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:54:20.0888 2748 wercplsupport - ok 13:54:20.0933 2748 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:54:20.0997 2748 WerSvc - ok 13:54:21.0026 2748 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:54:21.0062 2748 WfpLwf - ok 13:54:21.0074 2748 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:54:21.0085 2748 WIMMount - ok 13:54:21.0111 2748 WinDefend - ok 13:54:21.0117 2748 WinHttpAutoProxySvc - ok 13:54:21.0181 2748 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:54:21.0271 2748 Winmgmt - ok 13:54:21.0321 2748 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:54:21.0410 2748 WinRM - ok 13:54:21.0463 2748 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:54:21.0484 2748 WinUsb - ok 13:54:21.0510 2748 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:54:21.0558 2748 Wlansvc - ok 13:54:21.0600 2748 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 13:54:21.0610 2748 wlcrasvc - ok 13:54:21.0694 2748 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:54:21.0778 2748 wlidsvc - ok 13:54:21.0808 2748 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:54:21.0827 2748 WmiAcpi - ok 13:54:21.0853 2748 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:54:21.0881 2748 wmiApSrv - ok 13:54:21.0899 2748 WMPNetworkSvc - ok 13:54:21.0926 2748 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:54:21.0943 2748 WPCSvc - ok 13:54:21.0954 2748 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:54:21.0970 2748 WPDBusEnum - ok 13:54:21.0973 2748 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:54:22.0009 2748 ws2ifsl - ok 13:54:22.0025 2748 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 13:54:22.0056 2748 wscsvc - ok 13:54:22.0059 2748 WSearch - ok 13:54:22.0136 2748 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:54:22.0238 2748 wuauserv - ok 13:54:22.0249 2748 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:54:22.0296 2748 WudfPf - ok 13:54:22.0329 2748 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:54:22.0376 2748 WUDFRd - ok 13:54:22.0398 2748 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:54:22.0433 2748 wudfsvc - ok 13:54:22.0444 2748 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 13:54:22.0467 2748 WwanSvc - ok 13:54:22.0476 2748 ================ Scan global =============================== 13:54:22.0497 2748 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:54:22.0538 2748 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:54:22.0564 2748 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:54:22.0586 2748 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:54:22.0620 2748 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:54:22.0625 2748 [Global] - ok 13:54:22.0627 2748 ================ Scan MBR ================================== 13:54:22.0642 2748 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:54:22.0995 2748 \Device\Harddisk0\DR0 - ok 13:54:22.0996 2748 ================ Scan VBR ================================== 13:54:22.0999 2748 [ 2B3BCD70BE766C39A5C54E65001C0C35 ] \Device\Harddisk0\DR0\Partition1 13:54:23.0002 2748 \Device\Harddisk0\DR0\Partition1 - ok 13:54:23.0012 2748 [ 775D6077BF29377E28951C537D4C201B ] \Device\Harddisk0\DR0\Partition2 13:54:23.0014 2748 \Device\Harddisk0\DR0\Partition2 - ok 13:54:23.0032 2748 [ 7ED3757200281A38591CAE0914555A40 ] \Device\Harddisk0\DR0\Partition3 13:54:23.0034 2748 \Device\Harddisk0\DR0\Partition3 - ok 13:54:23.0035 2748 ============================================================ 13:54:23.0035 2748 Scan finished 13:54:23.0035 2748 ============================================================ 13:54:23.0048 1172 Detected object count: 1 13:54:23.0048 1172 Actual detected object count: 1 13:55:54.0944 1172 GREGService ( UnsignedFile.Multi.Generic ) - skipped by user 13:55:54.0945 1172 GREGService ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:56:02.0900 5068 Deinitialize success |
06.07.2013, 13:01 | #7 |
/// Malware-holic | Iminent - Deinstallation erfolglos Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 13:23 | #8 |
| Iminent - Deinstallation erfolglosCode:
ATTFilter Combofix Logfile: |
06.07.2013, 13:28 | #9 |
/// Malware-holic | Iminent - Deinstallation erfolglos Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 14:29 | #10 |
| Iminent - Deinstallation erfolglos VIELEN DANK schonmal für alles! Ich bin echt begeistert, wie schnell das hier geht! Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.07.06.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 AnneLiese :: ANNELIESE-PC [Administrator] 06.07.2013 14:37:42 mbam-log-2013-07-06 (14-37-42).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 490617 Laufzeit: 48 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Users\AnneLiese\Downloads\CryptLoad_1.1.8(2).rar (PUP.Netcat) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\AnneLiese\Downloads\CryptLoad_1.1.8.rar (PUP.Netcat) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
06.07.2013, 14:33 | #11 |
/// Malware-holic | Iminent - Deinstallation erfolglos Hi, lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 14:52 | #12 |
| Iminent - Deinstallation erfolglosCode:
ATTFilter 7-Zip 9.20 27.01.2013 notwendig 7-Zip 9.20 (x64 edition) Igor Pavlov 29.01.2013 3,44MB 9.20.00.0 notwendig Acer Backup Manager NewTech Infosystems 07.11.2011 27,1MB 2.0.0.72 unbekannt Acer Crystal Eye Webcam CyberLink Corp. 29.05.2012 33,7MB 1.0.1904 unbekannt Acer ePower Management Acer Incorporated 29.05.2012 5.00.3009 unbekannt Acer eRecovery Management Acer 07.11.2011 4.05.3500 unbekannt Acer Games WildTangent 07.11.2011 1.0.2.5 unbekannt Acer Registration Acer Incorporated 29.05.2012 1.04.3502 unbekannt Acer ScreenSaver Acer Incorporated 29.05.2012 1.1.0517.2011 unbekant Acer Updater Acer Incorporated 07.11.2011 1.02.3500 unbekannt Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 29.05.2012 6,00MB 10.3.181.34 unbekannt Adobe Flash Player 11 Plugin Adobe Systems Incorporated 29.06.2013 6,00MB 11.7.700.224 unbekannt Adobe Reader X (10.1.4) MUI Adobe Systems Incorporated 12.11.2012 480MB 10.1.4 notwendig Apple Application Support Apple Inc. 12.06.2012 50,9MB 1.5.2 unbekant Apple Mobile Device Support Apple Inc. 12.06.2012 22,6MB 3.4.1.2 unbekannt Apple Software Update Apple Inc. 12.06.2012 2,25MB 2.1.3.127 unbekannt ArchiCAD 15 R1 GER Graphisoft 24.01.2013 1,13GB 15.0 notwendig AVG 2012 AVG Technologies 14.05.2013 2012.1.2242 notwendig Bonjour Apple Inc. 12.06.2012 1,74MB 2.0.5.0 unbekannt Broadcom Gigabit NetLink Controller Broadcom Corporation 29.05.2012 448KB 14.0.2.3 unbekannt Canon Easy-WebPrint EX 08.07.2012 notwendig Canon MP Navigator EX 3.0 08.07.2012 notwendig Canon MP550 series Benutzerregistrierung 08.07.2012 notwendig Canon MP550 series MP Drivers 08.07.2012 notwendig Canon Utilities Easy-PhotoPrint EX 08.07.2012 notwendig Canon Utilities My Printer 08.07.2012 notwendig Canon Utilities Solution Menu 08.07.2012 notwendig CCleaner Piriform 19.06.2013 4.03 notwendig Cisco AnyConnect Secure Mobility Client Cisco Systems, Inc. 04.05.2013 3.1.03103 notwendig CyberLink PowerDVD 9 CyberLink Corp. 29.05.2012 108MB 9.0.3817.50 notwendig DefaultTab Search Results, LLC 11.02.2013 2.2.1.0 unbekannt eBay Worldwide OEM 29.05.2012 100KB 2.2.0409 unnötig Facebook Video Calling 1.2.0.287 Skype Limited 10.12.2012 4,76MB 1.2.287 unnötig Google Chrome Google Inc. 12.11.2012 27.0.1453.116 unnötig Identity Card Acer Incorporated 29.05.2012 1.00.3501 unbekannt Intel(R) Management Engine Components Intel Corporation 02.06.2012 6.0.0.1179 unbekannt Intel(R) Rapid Storage Technology Intel Corporation 01.06.2012 9.6.2.1001 unbekannt Intel(R) Turbo Boost Technology Driver Intel Corporation 02.06.2012 01.02.00.1002unbekannt iTunes Apple Inc. 12.06.2012 145MB 10.3.1.55 notwendig Java 7 Update 25 Oracle 28.06.2013 129MB 7.0.250 notwendig Launch Manager Acer Inc. 29.05.2012 4.0.14 unbekannt League of Legends Riot Games 25.06.2013 3.0.1 notwendig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 06.07.2013 19,2MB 1.75.0.1300 notwendig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 09.09.2012 38,8MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 09.09.2012 2,93MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Extended Microsoft Corporation 09.09.2012 51,9MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 09.09.2012 10,6MB 4.0.303190 unbekannt Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 09.09.2012 83,4MB 4.0.30319 unbekannt Microsoft Help Viewer 1.0 Microsoft Corporation 09.09.2012 3,97MB 1.0.30319 unbekannt Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 09.09.2012 1,95MB 1.0.30319 unbekannt Microsoft Office 2010 Microsoft Corporation 29.05.2012 6,31MB 14.0.4763.1000 unbekannt Microsoft Office Klick-und-Los 2010 Microsoft Corporation 03.06.2012 14.0.4763.1000 notwendig Microsoft Office Professional Plus 2007 Microsoft Corporation 02.02.2013 12.0.4518.1014unbekannt Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 03.06.2012 14.0.5128.5002 unbekannt Microsoft Office Word Viewer 2003 Microsoft Corporation 30.09.2012 28,1MB 11.0.8173.0 unbekannt Microsoft PowerPoint Viewer Microsoft Corporation 30.09.2012 147MB 14.0.4763.1000 notwendig Microsoft Silverlight Microsoft Corporation 07.06.2013 40,3MB 4.1.10329.0 notwendig Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 07.11.2011 1,69MB 3.1.0000 unbekannt Microsoft SQL Server 2008 (64-bit) Microsoft Corporation 09.09.2012 unbekannt Microsoft SQL Server 2008 Browser Microsoft Corporation 09.09.2012 8,00MB 10.1.2531.0 unbekannt Microsoft SQL Server 2008 Native Client Microsoft Corporation 09.09.2012 7,07MB 10.1.2531.0 unbekannt Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 09.09.2012 17,1MB 10.50.1447.4 unbekannt Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 09.09.2012 3,69MB 3.5.8080.0 unbekannt Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 09.09.2012 4,81MB 3.5.8080.0 unbekannt Microsoft SQL Server System CLR Types Microsoft Corporation 09.09.2012 2,54MB 10.50.1447.4 unbekannt Microsoft SQL Server VSS Writer Microsoft Corporation 09.09.2012 3,59MB 10.1.2531.0 unbekannt Microsoft Visual Basic 2010 Express - DEU Microsoft Corporation 09.09.2012 10.0.30319 notwendig Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 29.05.2012 348KB 8.0.59193 unbekannt Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 25.06.2013 620KB 8.0.59192 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.11.2011 240KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.11.2011 596KB 9.0.30729.4148 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 09.09.2012 599KB 9.0.30729.4974 unbekannt Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Corporation 09.09.2012 33,0MB 10.0.30319 unbekannt Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 09.09.2012 35,2MB 10.0.30319 unbekannt Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU Microsoft Corporation 09.09.2012 4,31MB 10.0.30319 notwenig Mozilla Firefox 22.0 (x86 de) Mozilla 04.07.2013 50,8MB 22.0 notwendig Mozilla Maintenance Service Mozilla 04.07.2013 333KB 22.0 unbekannt MyWinLocker Suite Egis Technology Inc. 07.11.2011 2,63MB 4.0.14.15 unbekannt Nero BackItUp 10 Nero AG 28.06.2013 109MB 5.6.11700.17.100unbekannt Nero BackItUp and Burn Essentials Nero AG 28.06.2013 352MB 10.5.10500 notwendig Nero BurnRights 10 Nero AG 28.06.2013 6,14MB 4.2.10500.1.102 notwendig Nero Express 10 Nero AG 28.06.2013 165MB 10.2.12500.26.100 nitwendig Nero RescueAgent 10 Nero AG 28.06.2013 6,53MB 3.2.10800.9.100 unbekannt Nero Update Nero AG 28.06.2013 1,42MB 1.0.10300.25.0unbekannt newsXpresso esobi Inc. 07.11.2011 7,34MB 1.0.0.40 unbekannt Norton Online Backup Symantec Corporation 07.11.2011 6,19MB 2.1.17869 unbekannt NTI Media Maker 9 NTI Corporation 29.05.2012 1,60GB 9.0.2.8942 unbekannt NVIDIA Grafiktreiber 268.00 NVIDIA Corporation 29.05.2012 268.00 unbekannt NVIDIA PhysX NVIDIA Corporation 29.05.2012 78,9MB 9.10.0514 unbekannt Pando Media Booster Pando Networks Inc. 23.01.2013 5,46MB 2.6.0.8 unbekannt PDFCreator Frank Heindörfer, Philip Chinery 10.09.2012 1.5.0 notwendig Picasa 3 Google, Inc. 22.03.2013 3.9 notwendig QuickTime Apple Inc. 12.06.2012 73,7MB 7.69.80.9 notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 29.05.2012 6.0.1.6141 unbekannt Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 29.05.2012 6.1.7600.30124 unbekannt Rossmann Fotowelt Software 4.12.1 ORWO Net 05.02.2013 4.12.1 unnötig Skype Click to Call Skype Technologies S.A. 09.11.2012 33,1MB 6.3.11079 notwendig Skype™ 6.1 Skype Technologies S.A. 29.01.2013 21,1MB 6.1.129 notwendig Space Pirates and Zombies MinMax Games Ltd. 30.06.2013 unnötig Spotify Spotify AB 19.06.2013 0.9.1.53.g876fa9df notwenig Steam Valve Corporation 30.06.2013 35,4MB 1.0.0.0 unnötig Synaptics Pointing Device Driver Synaptics Incorporated 29.05.2012 14.0.19.0 unbekannt TrackMania Nations Forever Nadeo 30.06.2013 unbekannt Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 09.09.2012 33,7MB 10.1.2731.0 unbekannt Visual Studio 2008 x64 Redistributables AVG Technologies 02.07.2012 10,0MB 10.0.0.2 unbekannt Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 09.09.2012 11,1MB 4.0.8080.0 notwendig Welcome Center Acer Incorporated 29.05.2012 1.02.3503 unbekannt Windows Live Essentials Microsoft Corporation 07.11.2011 15.4.3508.1109 unbekannt WISO Steuer-Sparbuch 2012 Buhl Data Service GmbH 03.08.2012 19.00.7303 notwendig Überwachungstool für die Intel® Turbo-Boost-Technik Intel 29.05.2012 1,13MB 1.0.186.6 unbekannt |
06.07.2013, 14:55 | #13 |
/// Malware-holic | Iminent - Deinstallation erfolglos deinstaliere: Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden, instalieren. adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: eBay Rossmann Space Steam TrackMania Windows Live : alle für dich unnötigen Öffne bitte CCleaner, analysieren, starten, PC neustarten. Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 15:52 | #14 |
| Iminent - Deinstallation erfolglosCode:
ATTFilter # AdwCleaner v2.304 - Datei am 06/07/2013 um 16:49:16 erstellt # Aktualisiert am 03/07/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : AnneLiese - ANNELIESE-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\AnneLiese\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16611 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v22.0 (de) Datei : C:\Users\AnneLiese\AppData\Roaming\Mozilla\Firefox\Profiles\sf53va8u.default\prefs.js [OK] Die Datei ist sauber. Datei : C:\Users\Lieblingsbruder\AppData\Roaming\Mozilla\Firefox\Profiles\90plclfi.default\prefs.js [OK] Die Datei ist sauber. |
06.07.2013, 15:55 | #15 |
/// Malware-holic | Iminent - Deinstallation erfolglos Hi, HitmanPro - Download - Filepony Hitmanpro laden, doppelklicken, scan klicken. Nichts löschen, weiter klicken. Log speichern und posten, bzw als XML exportieren, packen und anhängen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
Themen zu Iminent - Deinstallation erfolglos |
7-zip, aufgetaucht, avg secure search, benachrichtigungsdienst, bereits, deinstallation, einfach, erfolglos, gmer, iminent, install.exe, launch, microsoft office starter 2010, msiinstaller, msn deutschland, nichts, pirates, plug-in, problem, scans, schritte, secure search, systemereignisse, systems, systemsteuerung, visual studio, wenig, wildtangent games |