| |
| |||||||
Log-Analyse und Auswertung: Probleme mit PWS:Win32/Zbot.gen!AJ - TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.05.2013, 13:13
| #1 |
| |  Probleme mit PWS:Win32/Zbot.gen!AJ - Trojaner Einen schönen guten Tag wünsche ich euch  Ich bin mittels Google auf dieses schöne Forum gestoßen und war erstaunt über die tolle Hilfe. Ich habe seit gestern Schwierigkeiten mit dem Trojaner PWS:Win32/Zbot.gen!AJ Dieser Trojaner gibt mir immer wieder ein Fenster mit einem "angeblichen Javaupdate" auf den Desktop. Das einzigste, was ich da noch tun konnte, war über den Taskmanager diesen Prozess zu beenden, weil ich auf keinen fall auf irgendeine Schaltfläche in diesem Fenster klicken wollte. Leider habe ich keine Ahnung, wie ich mir den eingefangen habe. Ich surfe wenn überhaupt nur auf Seiten meines Vertrauens über normale Games bzw. als angehender Musiker in Foren oder Intrumentenshops. Ich wäre euch sehr dankbar, wenn mir jemand helfen könnte, da ich mit meinem Latein leider am Ende bin. Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:28 on 09/05/2013 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter OTL Logfile: Extras.txt: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 09.05.2013 13:41:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop\Troja
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 74,08% Memory free
23,54 Gb Paging File | 21,46 Gb Available in Paging File | 91,17% Paging File free
Paging file location(s): c:\pagefile.sys 16000 16000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 6,47 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 596,35 Gb Free Space | 64,02% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{077D5776-E860-4300-90A6-B35D5CCB1687}" = lport=139 | protocol=6 | dir=in | app=system |
"{09D41D7E-ACB1-4BB5-B8B5-E53E3E90F169}" = rport=138 | protocol=17 | dir=out | app=system |
"{0DA42BB4-4871-4574-A999-3BA240D961FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{11BA9E48-BA42-4F24-B035-ED28705E68E7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1FDE8D4D-C784-4C18-AA10-AF91C144E24E}" = lport=137 | protocol=17 | dir=in | app=system |
"{23D55D66-02BE-4285-B2CF-30AF0306BB8E}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A979596-0926-44B1-8AF7-E35E530F5025}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{54F3C335-E97B-4765-AE8E-AA56170A3CEE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{67C1E9E3-AEB7-4F81-8005-863741BAFF2E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6E3512AC-B1AF-4848-A028-DEE6243EA254}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7A1CB602-C607-48CC-8374-79E725BD41F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{7CD8D511-D69C-4983-B8BD-2725224A8AFE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DECD808-3E0C-4268-BDE0-C4E3B20722A6}" = lport=138 | protocol=17 | dir=in | app=system |
"{A38F3CF6-EE2B-4863-907C-B4B7DA27C786}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A3F99C79-12E0-4E8A-B69A-0EC0995E45DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4C45072-C786-4C03-8F5E-89F95046A740}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4D6ECAF-A0E8-46B3-8684-197E825A2593}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6E5BAEC-8832-404F-82DE-14B0F5D461D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B482BD36-E6E2-428E-B8A3-69E381A8CF0E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BAC2BB43-DD7C-4922-A981-B3A50E3938B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BDEDBFB9-BE18-48C4-8FFC-A7A477DC1448}" = rport=139 | protocol=6 | dir=out | app=system |
"{C05AE496-B891-410D-A678-E8F132D5C26F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C6D4C0B1-E556-420D-8C4A-A2F575CFBD31}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CDD88EC0-C9C1-428D-9AE0-949E190FA8FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DA0590E4-78BA-42F5-9684-A2675113903F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8BF5878-B35D-4396-AB55-B3D65A9EFDF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EFECD3-F92A-4B71-A73F-E5CA2B6CDF5F}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{033489E9-A433-475F-A4F9-931EDA2B5A9F}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{056C261C-92A1-4F7B-BAE4-1FFA9B8E0CF7}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{06056C18-69B2-43AE-B4E4-615C2197A93D}" = protocol=17 | dir=in | app=d:\ubisoft\ac3mp.exe |
"{0A4876D8-16DF-46FF-9AC7-93683D23F635}" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{0B82F6A3-2EF2-4162-B612-6019F21BFB64}" = protocol=17 | dir=in | app=d:\ubisoft\ac3sp.exe |
"{0BD0495B-9A14-4F77-8BED-BF9B73CF902A}" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{0C1D9B23-EA0B-461E-A364-C803085259D8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{0D2E4838-9CEB-4E71-AF84-F661C12DC24C}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{0D6CE2D1-D97C-435A-AFED-D62100E6CD07}" = protocol=6 | dir=out | app=system |
"{1256AE09-5A2A-43B8-A940-7E915E0952C5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{15C8092F-3471-4C82-8CB0-0266899B3695}" = protocol=6 | dir=in | app=d:\ubisoft\related designs\anno 2070\anno5.exe |
"{17A548C0-9FF4-4870-A1CA-5AA99992C93F}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\risen 2\system\risen2.exe |
"{1801E0A6-4313-4EF9-99B6-03CA93055977}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"{18B0A534-5C3B-4472-B779-5002C96CD252}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{1EAF6211-42B2-4001-A32A-8A70AC9CBF88}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{1FC87223-B3C0-4141-BB23-886A94417DDD}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{20FE7F30-A4FC-4B8E-A359-CC55AD537448}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{21728FB5-1ABC-44C8-94D2-54804B231810}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{257E6362-0596-4679-A96C-801D21D94FDA}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{267B07DC-5F40-42D2-9C49-8A26BF0E68D5}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{26BC5463-CE75-415C-9152-9859888C939D}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{2883B452-E348-4465-962E-26F39E185E30}" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{2B3184D6-1E52-42B3-8081-BA90C1EF7AD4}" = protocol=6 | dir=in | app=d:\ubisoft\ac3mp.exe |
"{2D045744-4126-4046-9354-E91FB60FC084}" = protocol=6 | dir=in | app=d:\program files (x86)\simcity\need for speed(tm) most wanted\nfs13.exe |
"{2DB1D183-45F5-4A17-8645-F42F8E3B0CC6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2E586663-52AB-4AA8-96F5-A20976B6C215}" = protocol=17 | dir=in | app=d:\ubisoft\assassinscreed3.exe |
"{39BBC0A0-BB7A-404A-9984-0099546609FC}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{3B91F768-0B91-4C5F-A351-D05E3E874A51}" = protocol=17 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fear.exe |
"{3BD5B557-8104-4C73-911F-153B0CE71753}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3C4F20B6-9684-48B9-9324-F3AA57CEA6F2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{3DE43C7D-49CB-494F-BE46-5FD2136831D6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3FE0BAC1-16A8-49C1-8F45-6A85E8A92445}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{41120940-9B7E-4094-ABFE-56240759792E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe |
"{43649CF9-6C84-435D-8105-6967162B03D9}" = protocol=6 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fear.exe |
"{43A98556-E466-4604-A0F7-D5FEEBD0E7CA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{46909076-7450-415D-9138-C3F28A0F7F54}" = protocol=17 | dir=in | app=d:\program files (x86)\simcity\need for speed(tm) most wanted\nfs13.exe |
"{47F0DCD1-F1D0-4087-98E6-2F62BA355E54}" = protocol=17 | dir=in | app=d:\ubisoft\related designs\anno 2070\initengine.exe |
"{4955AE94-7EB0-415B-AB48-67EE46CFF488}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{497B7F0E-3C99-463D-87AC-5E54990C53D3}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"{49A19E4F-65A7-4F60-A69D-2670E570A931}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4A1298BD-B710-4C99-9D94-121F8C706AE8}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{4B0AD022-9C70-4BE4-AA42-E6E3E0F9563D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4C694E9D-1BD6-4FA5-8CF0-553361C92FBA}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{4E214E4D-906F-4C90-B08E-C77929AAF505}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{4E77B2FF-3DB0-42F9-8A52-DA4384D69A51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4ED174F9-FB6E-47ED-891C-3C7BDE66BBC7}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{500FE8F6-3FAA-4E60-AE5F-8DA2CB1E952D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50EE7E8F-1C12-4C46-947D-329765A491EC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{52A05FEB-1D91-4115-AAC5-7670EFF4DB16}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{56296829-CACD-4583-9317-2E29FCEA035D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{56AD191E-29E4-4304-83C4-A496266172E0}" = protocol=6 | dir=in | app=d:\ubisoft\related designs\anno 2070\initengine.exe |
"{5AC64AFC-2449-4941-98E0-A06B6E3C26F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CC9A926-0A47-4175-A575-339596D7440E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D513D46-FFB8-402F-87C1-3A9A8584C76E}" = protocol=17 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fearxp\fearxp.exe |
"{5DCADD2E-3E04-4F9F-8DA8-D854EAFCF478}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\risen 2\system\risen2.exe |
"{5E0D65E7-B679-4D3C-854C-675AC4B44A4E}" = protocol=17 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fearxp2\fearxp2.exe |
"{5F3E1583-3686-4AE2-88E3-3E2867B3E6C0}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{609DF84D-0C36-4691-B132-9A70219314B9}" = protocol=6 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fearxp2\fearxp2.exe |
"{60D27E16-4B95-42D0-BAA7-B3CC7F3A34FA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{628D7CA3-6CDC-4312-91CA-6055B8CDA0D2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{62D6AA54-0E04-4674-B974-0848E31EBEEC}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{6464E79A-344E-40AB-8BF7-FD7CC5C1DD51}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{64F5A6A7-E728-4F86-B900-4A3336A848B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65A41357-65F3-49EA-A0FF-7095D3853DC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{691BBDB8-2020-4BB6-8469-FF32460A1B12}" = protocol=17 | dir=in | app=d:\ubisoft\related designs\anno 2070\anno5.exe |
"{6BB583D2-E8C9-4F37-B75B-4899DC9C46F8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{6C2A8EB5-2BD7-413F-9679-08BF5950658F}" = protocol=17 | dir=in | app=d:\ubisoft\related designs\anno 2070\autopatcher.exe |
"{6E880364-E8DF-4C65-9C2A-01BBE2565713}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{70FF295E-7AE3-469A-B737-D323F237E567}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{7255AEF1-AC7B-494D-9C23-746EA736ECE3}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{7465E148-65B5-487C-AB1F-7EDA49D85B1E}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{765A47C5-DC53-4EDE-9F73-C60D3BAC5A81}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{79020837-F1E9-4C2A-8C80-9CB8F76F6F0A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7913ADB0-03EC-472E-92F3-0F91F391FE98}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe |
"{7B45A464-511E-49B4-8111-1F0295F8E385}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{7B747831-3582-4B38-B3D2-1CBBD8B106A7}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{813EF923-AC5D-4AB7-9F65-130D3F0611A3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{845F1CB7-3F45-49D9-8427-73428BB45631}" = protocol=6 | dir=in | app=d:\program files (x86)\simcity\simcity\simcity\simcity.exe |
"{8884FA7F-ADC1-41C6-8093-DC258A8B0679}" = protocol=6 | dir=in | app=d:\ubisoft\ac3sp.exe |
"{8A0E20D6-706A-4ED3-96C6-FF48E74EAF2F}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{8F2E5B86-6F9F-47AE-8EB4-056A417F08EF}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{910A04F1-5B06-42D2-92CD-602B32113562}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{9128BB8B-9F28-4F9D-A890-24E41EC54675}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{91590EF2-BAF6-422D-B155-02F259F29CB1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{945EA94F-FE12-4689-BB51-1A44C9C06906}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{97EF507D-EBA3-445C-B6E3-BF4E64E269BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{98A2AABE-0367-4031-A2B9-AEAD1A40E2A2}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{9C02603A-EE49-4C01-8B3E-F9DEC757188B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E9E8B05-AB83-4BF1-90C5-5153963A353A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F1BDA60-8923-4C0C-8ACB-47BDB1490EAB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{9F887C71-24E9-438C-9A20-CD6DAE20DF54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2131C58-FBC2-4B44-8963-10B27C7AF593}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{A63E16D6-306A-47C6-A21F-63E68BEFD619}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7259451-1583-44B1-8531-7B873CEDED2D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{A97E291C-B261-4AB9-861D-3B7F28BF9DF2}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{AAA235EE-7A75-4251-A75B-B0C9648292E6}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{AB8B73FD-3F6C-4099-981C-82A927222926}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{AC84F021-D05E-4928-904D-C60A78897730}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B1D94C39-1DFF-41C9-8917-8DD0B73BBFA2}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{B5D92E4A-5713-4127-8EA6-A1F26D810FEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD29AA03-62DA-4A31-A3F3-ACCD0D84F1DC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BF23C7B3-5772-466A-B58D-D1D19A006F34}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BFB7AEF6-E52E-4C3E-BEE9-652C9CB2A470}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{C093F698-3623-4CE3-A610-6F5BC2DFEB2A}" = protocol=17 | dir=in | app=d:\program files (x86)\simcity\simcity\simcity\simcity.exe |
"{C1A9D2F6-9F6C-477E-BC2C-EC4067F351C8}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{C1B9C2F0-5A73-4738-95A8-202057E9AC73}" = protocol=6 | dir=in | app=d:\program files (x86)\wb games\fear ultimate shooter\fear\fearxp\fearxp.exe |
"{C1C11B9C-9BA2-4AAA-B042-91711174E339}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{C44FCB8A-65E0-4EFF-BD36-4DDF0F5ECDD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C7CDBCE6-9B3B-4F89-B792-5586B3D5B81F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{CB6455BF-1F73-4A80-9B34-C04889F78F98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE994199-3F90-4FA1-AC30-666E7BDEBBBA}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{D2399C61-981B-4706-8AC8-60C5AF027A6D}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{D5558EC2-4546-440D-9E6F-2FC69AD8D407}" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{D5D85225-F918-4CF1-A9D6-67D8A0376619}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{D84072DE-19BD-41E6-9E0B-9D248BCD4756}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{DB6E50C6-0349-488D-B26B-15ACFC673180}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{DC11A52D-DC3A-42BA-AC63-2640624EBC4C}" = protocol=6 | dir=in | app=d:\ubisoft\related designs\anno 2070\autopatcher.exe |
"{DC178C2E-7902-48D9-9A0A-84AD11E53443}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF853CB0-89CA-44AC-863F-151A1A9D2BDE}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{E0C00B6C-29E7-4AD4-99C5-8A050FD8F351}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{E7EB8130-3439-40D3-8FF1-9CD35988B256}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{EB77CF1B-E26D-4A67-8364-00DD57CF225D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EC13ED3F-E92F-4C1F-8136-AF24E6CEFCD5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{ECC75B1C-0AA3-4DEC-B967-6E6ADF1C4037}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EE19C7C1-D667-462B-A80C-0528B01821CE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{EFD601EB-A31B-4010-86C2-7A2F36ED8ABD}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{F01352F8-2F65-4B2E-8163-FA0D797DFD05}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{F04295D0-677C-4523-B05E-79ADC2093F50}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{F2C0B8E4-6562-4DA7-B1F7-B82A1269CD41}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F62F7E25-C95D-447E-817D-95FB0318C653}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{F980986B-76F0-4031-B2B0-07AAF2D64C17}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{FBBE0681-AC0A-4EB3-9D16-F99944CD9EC9}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{FD486298-AFE4-47F4-9A7A-0876A016EBCD}" = protocol=6 | dir=in | app=d:\ubisoft\assassinscreed3.exe |
"TCP Query User{0A58BFE9-EE2A-49AE-A3BB-E8871B8CDAC7}D:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\the witcher 2\bin\witcher2.exe |
"TCP Query User{4A37A1A1-A8C7-41E5-A9B8-6AA57740ABCF}D:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{4E2097EB-282B-4B83-9C39-E7E34C7C6386}D:\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{5F1027C5-9FE1-4B9E-8A5D-8A4D83A1A933}D:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{8ED73766-66D3-4E86-BAF3-450E073769FD}D:\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\winamp\winamp.exe |
"TCP Query User{CF71F760-528E-4F9B-8CC3-907C7ED80A31}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E46C15C6-B0F8-44FD-97B8-DC242C822011}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"UDP Query User{3E8E73A4-204D-4234-9185-D0903C7A0D58}D:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{4A62FB4E-849F-4A77-A576-2A508FBDCA50}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5EE189E6-0875-41D9-A507-227E639DA0A2}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"UDP Query User{68A245BC-D59C-4D8E-B3CD-B436B65AC9A1}D:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\the witcher 2\bin\witcher2.exe |
"UDP Query User{7C44167D-3CB3-47A6-B5F4-EE550CF0E44B}D:\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\winamp\winamp.exe |
"UDP Query User{DF795A6D-8D39-42D7-9A91-6900D0E8E191}D:\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{F5C923B4-E2AD-49DE-8329-0C2CF43F4B69}D:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\program files (x86)\videolan\vlc\vlc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06DB2C4C-DC29-DA42-3B00-5581CBF545BB}" = AMD Drag and Drop Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"GIMP-2_is1" = GIMP 2.8.2
"Logitech Unifying" = Logitech Unifying-Software 2.10
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Sn1" = Logitech Flow Scroll 4.0
"sp6" = Logitech SetPoint 6.32
"VIRTU_is1" = VIRTU 1.2.106
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = Die Sims™ 3 Traumsuite-Accessoires
"{0CC21836-A5D6-4641-B4AE-6FA01D021E41}" = Die Sims Mittelalter Piraten und Edelleute
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = Die Sims™ 3 Diesel Accessoires
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.02
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die*Sims*Mittelalter
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{95140000-0137-0407-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed(R) III v1.02
"{9EF2A56C-F12E-4E42-BB26-807EBB6DC271}" = Prodigy X-Fi NRG
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C03D7CF4-E172-421F-8209-667BAF0BEA1C}" = F.E.A.R. Ultimate Shooter Edition
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.116
"Audacity_is1" = Audacity 2.0.2
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Dxtory2.0_is1" = Dxtory version 2.0.119
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESAudioCS" = Audio-Systemsteuerung
"Host OpenAL" = Host OpenAL
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.15.1748" = Opera 12.15
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 203160" = Tomb Raider
"Steam App 205100" = Dishonored
"Steam App 211400" = Deadlight
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 40390" = Risen 2 - Dark Waters
"Steam App 48000" = LIMBO
"Steam App 49520" = Borderlands 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8870" = BioShock Infinite
"The Witcher 2 Enhanced Edition_is1" = The Witcher 2 Enhanced Edition Version 3.0
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.05.2013 15:25:15 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x09310931 ID des fehlerhaften Prozesses:
0x15fc Startzeit der fehlerhaften Anwendung: 0x01ce49c644bbe86b Pfad der fehlerhaften
Anwendung: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: 83243494-b5b9-11e2-acba-bc5ff40d9164
Error - 05.05.2013 15:25:19 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Name des fehlerhaften Moduls: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00b52f2c ID des fehlerhaften Prozesses:
0x15fc Startzeit der fehlerhaften Anwendung: 0x01ce49c644bbe86b Pfad der fehlerhaften
Anwendung: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe
Berichtskennung:
8577a32c-b5b9-11e2-acba-bc5ff40d9164
Error - 05.05.2013 15:25:42 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x09310931 ID des fehlerhaften Prozesses:
0x28c Startzeit der fehlerhaften Anwendung: 0x01ce49c6549b8e4c Pfad der fehlerhaften
Anwendung: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: 92d6883b-b5b9-11e2-acba-bc5ff40d9164
Error - 05.05.2013 15:25:43 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Name des fehlerhaften Moduls: TESV.exe, Version: 1.9.32.0, Zeitstempel:
0x51437ce5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00b52f2c ID des fehlerhaften Prozesses:
0x28c Startzeit der fehlerhaften Anwendung: 0x01ce49c6549b8e4c Pfad der fehlerhaften
Anwendung: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe
Berichtskennung:
93e934c0-b5b9-11e2-acba-bc5ff40d9164
Error - 06.05.2013 07:16:20 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.05.2013 05:46:14 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.05.2013 08:59:02 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.05.2013 12:30:02 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 09.05.2013 04:34:23 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 09.05.2013 06:30:07 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm opera.exe, Version 12.15.1748.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1090 Startzeit:
01ce4c902473a21b Endzeit: 26 Anwendungspfad: C:\Program Files (x86)\Opera\opera.exe
Berichts-ID:
[ OSession Events ]
Error - 06.06.2012 02:32:44 | Computer Name = Admin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25.10.2012 11:22:02 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 25.10.2012 11:22:02 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 26.10.2012 14:49:05 | Computer Name = Admin-PC | Source = DCOM | ID = 10010
Description =
Error - 29.10.2012 12:12:44 | Computer Name = Admin-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 30.10.2012 11:35:04 | Computer Name = Admin-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 14.11.2012 07:56:29 | Computer Name = Admin-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 15.11.2012 11:34:39 | Computer Name = Admin-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 15.11.2012 12:22:22 | Computer Name = Admin-PC | Source = volsnap | ID = 393251
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht vergrößert werden kann.
Error - 16.11.2012 20:22:28 | Computer Name = Admin-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.139.2168.0 Aktualisierungsquelle:
%%859 Aktualisierungsphase: %%854 Quellpfad: hxxp://www.microsoft.com Signaturtyp:
%%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion:
Vorherige Modulversion: 1.1.8904.0 Fehlercode: 0x80070643 Fehlerbeschreibung: Schwerwiegender
Fehler bei der Installation.
Error - 16.11.2012 20:22:33 | Computer Name = Admin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials
– KB2310138 (Definition 1.139.2266.0)
< End of report >
gmer.txt: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-09 14:05:28
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ADATA_SS rev.3.3. 55,90GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Admin\AppData\Local\Temp\aglorpod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80003208000 45 bytes [00, 00, 16, 02, 4E, 74, 66, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607 fffff8000320802f 29 bytes [00, 01, 00, 06, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[2028] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073321a22 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2028] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073321ad0 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2028] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073321b08 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2028] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073321bba 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2028] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073321bda 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073321a22 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073321ad0 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073321b08 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073321bba 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073321bda 2 bytes [32, 73]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075531465 2 bytes [53, 75]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1508] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000755314bb 2 bytes [53, 75]
.text ... * 2
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26 00000000733513c6 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74 00000000733513f6 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257 00000000733514ad 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303 00000000733514db 2 bytes [35, 73]
.text ... * 2
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79 0000000073351577 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175 00000000733515d7 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620 0000000073351794 2 bytes [35, 73]
.text D:\Programme\Prodigy X-Fi\Volume Panel\VolPanlu.exe[3188] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921 00000000733518c1 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26 00000000733513c6 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74 00000000733513f6 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257 00000000733514ad 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303 00000000733514db 2 bytes [35, 73]
.text ... * 2
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79 0000000073351577 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175 00000000733515d7 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620 0000000073351794 2 bytes [35, 73]
.text C:\Windows\SysWOW64\rundll32.exe[3196] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921 00000000733518c1 2 bytes [35, 73]
---- EOF - GMER 2.1 ----
Ich hoffe, mir kann jemand helfen |
| Themen zu Probleme mit PWS:Win32/Zbot.gen!AJ - Trojaner |
| 7-zip, autorun, battle.net, bho, error, firefox, flash player, format, google, helper, home, iexplore.exe, install.exe, javaupdate, logfile, mozilla, msvcrt, nexus, object, plug-in, prozess, pws:win32/zbot.gen!aj, realtek, registry, rundll, s3.amazonaws.com, scan, search the web, security, software, svchost.exe, taskmanager, teamspeak, trojaner, visual studio, windows |
Baum-Darstellung