| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Whitescreen nach Windowsanmeldung (Vista)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.05.2013, 21:21
| #1 |
| |  Whitescreen nach Windowsanmeldung (Vista) Hallo liebe Community, ich bin neu hier, also seht mir bitte Fehler nach. Habe in anderen Themen schon vom Whitescreenvorus gelesen und dort wird immer gebeten, diese Tipps mit OTL durchzuführen. Soweit habe ich das auch gemacht und hoffe ihr könnt mir helfen wenn ich nun meinerseits diese Daten hier poste! Ich hoffe, das ist das richtige. Freundliche Grüße aus dem Bergischen, Deka Weitere Infos: Windows Vista und es ist nur ein Benutzer betroffen. Beim start im abgesicherten Modus sind keine Desktopsymbole sichtbar. Code:
ATTFilter OTL Extras logfile created on: 08.05.2013 21:58:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = e:\
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,40 Gb Available Physical Memory | 85,05% Memory free
8,17 Gb Paging File | 7,69 Gb Available in Paging File | 94,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 44,25 Gb Free Space | 14,84% Space Free | Partition Type: NTFS
Drive E: | 29,81 Gb Total Space | 29,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: GAMER | User Name: Fabian | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" (Mozilla Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" (Mozilla Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" (Mozilla Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" (Mozilla Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = E3 50 5F 10 FF EB CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-156360027-3247763443-3765037765-1000]
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04128147-702F-42C8-BB1A-8B5BBEA56AAC}" = lport=137 | protocol=17 | dir=in | app=system |
"{0C616B18-52C9-4901-B793-833135305069}" = rport=138 | protocol=17 | dir=out | app=system |
"{10573A86-ACB3-42E6-B266-E8FEB9CE470D}" = rport=137 | protocol=17 | dir=out | app=system |
"{1A1BF862-77E1-4AC4-A4C9-C8B66EFA8F86}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{205BE123-A023-4A54-800B-A4139975E958}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4FA0883C-8420-4229-9922-3B907CB0FB01}" = lport=139 | protocol=6 | dir=in | app=system |
"{509B37D8-A899-40EB-BB36-4E82E2714CAA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5ABA373F-37AE-470A-A000-F06336FA654D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7FD8DA43-7C30-4E18-9865-DDD031532E83}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{831099B5-49FB-4723-B7A0-6E801EC6595D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9AA3C9B4-433A-48A9-AAD6-F2BA81F7FDA4}" = lport=445 | protocol=6 | dir=in | app=system |
"{A590ED54-480D-4DE2-A96C-7F591B7D0AB5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B040AB97-22F9-41E2-B13E-9DE3C1F86106}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B35CBCB6-B4BA-4FA0-9FC1-5D369FAC94F1}" = lport=1 | protocol=6 | dir=in | name=tower |
"{B9E3E58B-93D5-40CD-ABAF-F607D952ED47}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BC0E618B-95F4-4055-AC20-548C26304AEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C212F8C6-C10A-4D7E-AE25-387D9294C829}" = rport=445 | protocol=6 | dir=out | app=system |
"{CFA25CF3-7130-4E96-B6D4-8302DE8E18AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D08A2908-67AE-4E42-9DC9-73AEBFD22850}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E50D4AC4-D4EB-42F0-9AFB-8CE2B3C3C548}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8D1A156-AB78-49E1-93BA-C2BC488861E1}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB1B978A-9464-45C0-89D7-B3C79BBAACDC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FE652441-5F54-48C2-8FF7-FF7E7025DBCC}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0088E94E-F7F2-4E4E-90A0-C89101309E6E}" = protocol=6 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\day of defeat source\hl2.exe |
"{06254317-AA91-48D8-B3D3-8C02B6A537A3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{08E69769-AF4D-4A7C-82F0-C97193923441}" = protocol=6 | dir=in | app=b:\call of duty 4\iw3mp.exe |
"{1B0330B8-E6F9-4C7B-B6EC-A44D8FC46884}" = dir=in | app=c:\program files (x86)\apowersoft\screen recording suite\screen-recording-suite.exe |
"{1E292507-BEB9-458E-9454-C44FD6228B80}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe |
"{1F3DDC90-42F0-4A51-824B-CB3F4BC320E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2835D040-860B-4567-9513-03FC6603C350}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{2FFA7777-C810-454D-967E-D04508BE2A6F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{40F7A1FA-C2D1-4959-9145-0EDB0A11066D}" = protocol=17 | dir=in | app=c:\program files (x86)\the elder scrolls v - skyrim\tesv.exe |
"{40FACA6D-02D3-43F2-B9C6-BA91795E1B98}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4182B9FC-93C5-4B85-AA6A-6DDFBB280AF1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{49D8EAFE-167E-4625-A9E0-1272B51806BC}" = protocol=6 | dir=in | app=c:\program files (x86)\alcohol soft\alcohol 120\plugins\acid.exe |
"{5002AF7C-2F1C-4041-82FF-2B73425D0284}" = protocol=17 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\counter-strike source\hl2.exe |
"{54F22D48-D30C-495C-AB49-956AD0ECCE81}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"{5C548685-D0AE-44C8-AD26-26CAFD10DEEB}" = protocol=6 | dir=in | app=c:\program files (x86)\the elder scrolls v - skyrim\tesv.exe |
"{60D620C2-EDE7-4ADB-9329-00A416055586}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{61C91712-7363-4A86-B4B9-65050A7A92D9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6B2C3DBF-3AF6-4F1C-89F4-59AB4418E97C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"{6CBA1A43-008D-4262-9614-904FE6CC8D9E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{757D99DE-9EC2-49ED-B300-D295C2662A0C}" = dir=in | app=c:\users\fabian\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{787C8513-D434-4652-A38F-6D4001A6152F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{7B73A2B4-6D16-462A-92F6-04D7D7BC0CCC}" = protocol=6 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\counter-strike source\hl2.exe |
"{7ED9F4A4-56FA-4394-9CBA-6087BB6EAC73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7FEA8560-CEAA-4DD7-AD8C-F3F1BCCA6479}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{82DE6B11-7088-4529-8103-C4DE1F502DED}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe |
"{902F37B9-01F2-4C0D-938F-7D8740ADA943}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{92903378-1E8B-4B22-95A9-2E3DA24B9F05}" = protocol=17 | dir=in | app=c:\program files (x86)\alcohol soft\alcohol 120\plugins\acid.exe |
"{93B00D05-9353-4BA4-A5F4-7F6B02BDA374}" = protocol=17 | dir=in | app=b:\call of duty 4\iw3mp.exe |
"{94E6E845-B629-439B-9DAE-76F4EC5E93D5}" = dir=in | app=c:\program files (x86)\apowersoft\screen recording suite\screenrecordingsuite.exe |
"{9BB77844-A3A2-4AD2-94EA-CAFCA2130FB3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A0417B87-2F9D-445B-A11C-7280353D26B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A22D61B0-9C16-493A-9FF8-E3AA88533262}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A2F6CBB4-64C2-44EC-80CF-080AD115F949}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe |
"{A8B17570-2B68-4BC6-A0DA-39E39A365A9E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{B05C2831-0655-4BB4-913F-07DA3F851B0A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BF8C8832-847B-47CB-BA31-44F4E8324251}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{C345A6C1-DC67-4549-A980-CE3B343ADF4F}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe |
"{C35055B3-A61C-4BE9-9896-BDA17F0EC666}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe |
"{CCE6280C-D9AB-4DB9-9706-7E49BA5F969B}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe |
"{D2095767-4E05-499C-BA95-072B0F3F96D9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{DA6AE29C-CB0C-4FBF-B290-B1791B0EBA32}" = protocol=6 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\counter-strike source\hl2.exe |
"{DDCE446D-8F28-47E8-B887-F1EF774E43A0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{E6901258-C485-4647-B8E8-C658AE9F79D2}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{E6F34489-DB8E-4EFB-A6BA-26235185E33F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDC7614F-5F0D-48E4-8F19-A7DF4E623C29}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{F15EF8DC-E893-462A-9168-D62B87BDCFF0}" = protocol=17 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\day of defeat source\hl2.exe |
"{FB6FBDAF-FA04-4067-B4E1-7348B45E3D63}" = protocol=17 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\counter-strike source\hl2.exe |
"TCP Query User{00D67C18-BA80-48C3-A64C-A03C87F4BD2A}C:\users\fabian\desktop\games\metin2_germany\metin2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.exe |
"TCP Query User{14585CEA-DCEA-4936-859B-3F9E897272A6}C:\users\fabian\desktop\games\metin2_p-server\happymt2\happymt2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_p-server\happymt2\happymt2.exe |
"TCP Query User{23B38466-D8B2-48DF-B276-6258DF5127BB}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{246B6703-DBA2-4A64-8C5B-978250DC7A12}C:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin |
"TCP Query User{37051CF1-B1F1-4824-A73C-D2D78F9252E4}C:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin |
"TCP Query User{3C620964-5708-40F0-ACF5-122AD292B7C9}C:\program files (x86)\uvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\uvnc\winvnc.exe |
"TCP Query User{3D845019-EAD5-4CE3-BCE6-8E4C01293459}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{50588188-6176-4F69-ADA0-CA9AB21A93FE}C:\program files (x86)\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2_germany\metin2.bin |
"TCP Query User{57693473-E560-4105-9D7F-15C218A9B227}C:\program files (x86)\uvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\uvnc\winvnc.exe |
"TCP Query User{5BFAF1A1-821F-432D-A682-C2193ABD448D}C:\users\fabian\desktop\games\metin2_germany\metin2client.bin" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2client.bin |
"TCP Query User{5D5A955D-507B-46E2-925C-D67B21D58736}C:\user\fabian\desktop\steamapps\freezetime351421\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\half-life 2 deathmatch\hl2.exe |
"TCP Query User{63996479-FC09-4079-8E15-8349D49CB52A}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{6450369B-8F7F-4C93-A0AD-70E1A48A95DB}C:\users\fabian\appdata\local\virtualstore\program files (x86)\metin2.us\metin2.bin" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\metin2.us\metin2.bin |
"TCP Query User{68DA1F9B-A070-4256-9D9F-557C40AA3A0F}C:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe |
"TCP Query User{6B9B9E57-CC26-4A20-A773-AFAB3B904F17}C:\users\fabian\desktop\games\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\wc3\war3.exe |
"TCP Query User{77D4E12C-CE60-45F2-B66D-CB52A2B2549B}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{782498E5-53D5-49A6-82A9-F062A91F1B0B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{7E0666BB-780C-4BD3-99A2-BBA80CBFD0B1}C:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe |
"TCP Query User{927D25C9-E37A-40F9-8DE0-B7CCD818EFFA}C:\users\fabian\appdata\roaming\ytvyek\ufick.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\roaming\ytvyek\ufick.exe |
"TCP Query User{9C9D379E-F419-4AE2-9089-B707015E2AF5}C:\users\fabian\desktop\games\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.bin |
"TCP Query User{A0C62951-BAAF-447C-BAE4-311C0AB568C7}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{A75CA1E3-6D41-4E7D-91BC-88F8BA69A5EF}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{A95FCF52-4B7E-4D97-9381-D5B6F4703E64}C:\users\fabian\desktop\games\metin2_germany\metin2client.bin" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2client.bin |
"TCP Query User{AA90CAE1-B4ED-43D5-8706-F9505F21C77C}C:\program files (x86)\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2_germany\metin2.bin |
"TCP Query User{D5237F42-44A0-46E5-B313-0196255D5C54}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D71FFA3F-BC7D-4410-B4D2-DEA68345975A}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{DA3F0381-102F-4205-A065-8836479BB315}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{E77CCF41-625E-4330-B20C-9D2E5A40BBC6}C:\users\fabian\desktop\games\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.bin |
"TCP Query User{EEE27631-4DC4-4C7D-9CBD-D877B3D5AC8B}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{F1E341D8-4962-467D-9C3C-486C957677A4}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{F8B36B59-3C1E-4EC8-850C-15E72998A941}C:\program files (x86)\metin2beta\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2beta\metin2\metin2.bin |
"UDP Query User{004FABC3-6406-4069-8600-988BAE0FAD1A}C:\users\fabian\desktop\games\metin2_germany\metin2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.exe |
"UDP Query User{18CD8E3B-DD5D-4D8E-AC60-3AB8E5BDE391}C:\user\fabian\desktop\steamapps\freezetime351421\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\user\fabian\desktop\steamapps\freezetime351421\half-life 2 deathmatch\hl2.exe |
"UDP Query User{217AF65B-A8F7-4A68-B30E-20EE5364C617}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{246FCC5A-14E7-4A21-979F-70919FD883B6}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{29E1DDA7-A4D4-48F1-9F80-D3A20304F91A}C:\users\fabian\desktop\games\metin2_p-server\happymt2\happymt2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_p-server\happymt2\happymt2.exe |
"UDP Query User{2A3BD61C-4544-4C87-8D09-DEFEDA3AD9A8}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{3F089355-B25A-4BC3-9731-0479D3442FCA}C:\users\fabian\appdata\local\virtualstore\program files (x86)\metin2.us\metin2.bin" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\metin2.us\metin2.bin |
"UDP Query User{57873AD1-17FA-42BF-AFB0-955AA8191F09}C:\program files (x86)\metin2beta\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2beta\metin2\metin2.bin |
"UDP Query User{5E7CA14D-F52C-441B-B88E-82AE91C51B5C}C:\users\fabian\desktop\games\metin2_germany\metin2client.bin" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2client.bin |
"UDP Query User{5FC5E7FD-AD9C-4EC6-A483-1E2A31A70005}C:\program files (x86)\uvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\uvnc\winvnc.exe |
"UDP Query User{61249252-8A2F-41E5-B955-9C94A681E036}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{62E030C6-8C0D-41FC-BC0C-155A1DF61D22}C:\program files (x86)\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2_germany\metin2.bin |
"UDP Query User{6E531EE6-31C9-44C6-A870-9FCAE86DDA6E}C:\users\fabian\appdata\roaming\ytvyek\ufick.exe" = protocol=17 | dir=in | app=c:\users\fabian\appdata\roaming\ytvyek\ufick.exe |
"UDP Query User{6FD3B994-7605-45D7-B0DA-E16C9814191C}C:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe |
"UDP Query User{763991F5-97CA-46E9-9212-225D21B0E0D7}C:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\mirc\mirc.exe |
"UDP Query User{838813D7-057E-4313-9568-3EDA1B317DC6}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{86FF6D54-AEB9-4246-8A5D-DACD779A05A2}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{87847AB7-AD5D-4C9D-B7CB-A3B10FDD46E2}C:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin |
"UDP Query User{9CDA382A-CE1C-4B4F-817A-D8027299AAA8}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{9DAEEEB1-B05F-43E1-B70F-96FBB656DC5E}C:\program files (x86)\uvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\uvnc\winvnc.exe |
"UDP Query User{AF28D559-A795-4A89-8513-4D68D34A1538}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{B054FCC1-17E1-4320-B8FC-E551359B7D0C}C:\users\fabian\desktop\games\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\wc3\war3.exe |
"UDP Query User{BF6BC38D-E49C-4EFB-8DDD-D08E500104B0}C:\users\fabian\desktop\games\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.bin |
"UDP Query User{C4C9A866-9A59-452F-B1D1-70CFBFD6099F}C:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\virtualstore\program files (x86)\subagames\metin2\metin2.bin |
"UDP Query User{D4229244-9310-429A-A650-7F5D5C547A6D}C:\program files (x86)\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2_germany\metin2.bin |
"UDP Query User{D5A793AE-4C5A-4304-9265-233D8F748AB6}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{E0A42F8C-884D-487F-AE09-F6EAB557BEA1}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{E15F447D-8EA4-45A0-AE89-5B1417AD990E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{E80643D2-BFDB-463D-BAC6-9D318C61276C}C:\users\fabian\desktop\games\metin2_germany\metin2client.bin" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2client.bin |
"UDP Query User{EB4DB6D4-98BF-4B2B-A70A-E137F0674CE2}C:\users\fabian\desktop\games\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\users\fabian\desktop\games\metin2_germany\metin2.bin |
"UDP Query User{EF721910-45DD-439B-8276-B8E00CAD41D8}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Explorer Suite_is1" = Explorer Suite III
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GIMP-2_is1" = GIMP 2.8.4
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{284CF4B8-4055-4D2E-BC04-5ADD7AA10E3D}" = The Movies(TM) 1.1 Patch
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3844035A-9429-4E54-86B0-6EE3778BA3FB}_is1" = The Elder Scrolls V: Skyrim
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}" = iTunes
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{744DD571-3D2B-4BC8-B129-BF6929020CD3}" = Yu-Gi-Oh! ONLINE 3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91057632-CA70-413C-B628-2D3CDBBB906B}" = Macromedia Flash Player 8 Plugin
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.5.3
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F860F390-78F4-4B45-8C1A-0489618E315B}" = Sygate Personal Firewall
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.9.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIDA64 Business Edition_is1" = AIDA64 Business Edition v1.70
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.0.8.140
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"blekkotb_031" = blekko search bar
"CamStudio" = CamStudio
"Complitly_is1" = Complitly
"cont_addestination" = Advanced Optimization Addestination
"DAEMON Tools Lite" = DAEMON Tools Lite
"DebugMode Wink" = DebugMode Wink
"Die Siedler II Gold Edition_is1" = Die Siedler II Gold Edition
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"ff0244a8-49b8-9e3b-46ba-046526d54b4e" = Advanced Optimization Addestination
"FileASSASSIN" = FileASSASSIN
"FormatFactory" = FormatFactory 2.60
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Game Cam" = Game Cam 2.54.0.47
"Google Chrome" = Google Chrome
"GPL Ghostscript 9.07" = GPL Ghostscript
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"LegendMT2-Client v1" = LegendMT2-Client v1
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"Mumble" = Mumble and Murmur
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PDF Reader 3" = PDF Reader 3
"PhotoScape" = PhotoScape
"Scribus 1.4.2" = Scribus 1.4.2
"Silkroad" = Silkroad
"Steam App 13210" = Unreal Tournament 3
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 9890" = Champions Online: Bloodmoon Free Weekend
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Texmaker" = Texmaker
"Uninstall_is1" = Uninstall 1.0.0.1
"VirtualCamera" = VirtualCamera
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 0.9.4
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"wsuok" = Favorit
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Game Organizer" = EasyBits GO
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.05.2013 14:39:15 | Computer Name = Gamer | Source = WinMgmt | ID = 10
Description =
Error - 08.05.2013 14:40:26 | Computer Name = Gamer | Source = System Restore | ID = 8209
Description =
Error - 08.05.2013 15:31:15 | Computer Name = Gamer | Source = Application Hang | ID = 1002
Description = Programm MSASCui.exe, Version 1.1.1600.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: e28 Anfangszeit: 01ce4c22837e5d1b Zeitpunkt der Beendigung:
2
Error - 08.05.2013 15:44:12 | Computer Name = Gamer | Source = WinMgmt | ID = 10
Description =
Error - 08.05.2013 15:51:02 | Computer Name = Gamer | Source = WinMgmt | ID = 10
Description =
Error - 08.05.2013 15:52:57 | Computer Name = Gamer | Source = LoadPerf | ID = 3012
Description =
Error - 08.05.2013 15:52:57 | Computer Name = Gamer | Source = LoadPerf | ID = 3012
Description =
Error - 08.05.2013 15:52:57 | Computer Name = Gamer | Source = LoadPerf | ID = 3011
Description =
Error - 08.05.2013 15:59:24 | Computer Name = Gamer | Source = LoadPerf | ID = 3012
Description =
Error - 08.05.2013 15:59:24 | Computer Name = Gamer | Source = LoadPerf | ID = 3012
Description =
Error - 08.05.2013 15:59:24 | Computer Name = Gamer | Source = LoadPerf | ID = 3011
Description =
Error encountered while reading event logs.
< End of report >
|
|
08.05.2013, 21:23
| #2 |
| /// Malware-holic   |  Whitescreen nach Windowsanmeldung (Vista) Hi, otl.txt fehlt
__________________
__________________ |
|
08.05.2013, 21:30
| #3 | |
| | Whitescreen nach Windowsanmeldung (Vista)Zitat:
Soll ich das mit 7-zip dann als anhang versuchen dran zu hängen? |
|
08.05.2013, 21:33
| #4 |
| /// Malware-holic | Whitescreen nach Windowsanmeldung (Vista) ja, kannst du
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
08.05.2013, 21:35
| #5 |
| | Whitescreen nach Windowsanmeldung (Vista) Hier sollte er sein. Asche über mein Haupt, falls ich zu dämlich bin  |
|
08.05.2013, 21:42
| #6 |
| /// Malware-holic | Whitescreen nach Windowsanmeldung (Vista) Hi, otl fix Fixen mit OTL
Code:
ATTFilter :OTL
O20 - HKCU Winlogon: Shell - (C:\Users\Fabian\AppData\Roaming\skype.dat) - C:\Users\Fabian\AppData\Roaming\skype.dat ()
[2013.05.08 21:45:20 | 000,000,004 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\skype.ini
:files
C:\Users\Fabian\AppData\Roaming\skype.dat
:Commands
[emptytemp]
starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!
__________________ --> Whitescreen nach Windowsanmeldung (Vista) |
|
08.05.2013, 22:04
| #7 |
| | Whitescreen nach Windowsanmeldung (Vista) Hey, sorry wegen dem Anhang, ich besorge schnell die Asche ich kann nun endlich wieder über den nicht-mehr-infizierten Rechner hier schreiben. Vielen vielen Dank, echt super Hilfe hier!  Hoffe, zum Abschluss das hier ist das richtige was ich noch posten sollte Code:
ATTFilter
User: Administrator
->Temp folder emptied: 70396996 bytes
->Temporary Internet Files folder emptied: 569451 bytes
->Java cache emptied: 17922412 bytes
->FireFox cache emptied: 43979712 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 1930106 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Fabian
->Temp folder emptied: 183452104 bytes
->Temporary Internet Files folder emptied: 29356040 bytes
->Java cache emptied: 530659921 bytes
->FireFox cache emptied: 68468259 bytes
->Google Chrome cache emptied: 33028880 bytes
->Flash cache emptied: 6462 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 239203043 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58985636 bytes
RecycleBin emptied: 31223716 bytes
Total Files Cleaned = 1.250,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05082013_224958
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
08.05.2013, 22:47
| #8 |
| /// Malware-holic | Whitescreen nach Windowsanmeldung (Vista) upload fehlt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Whitescreen nach Windowsanmeldung (Vista) |
| avira, converter, error, fehler, flash player, format, google, hijack, hijackthis, home, homepage, iexplore.exe, install.exe, keine desktopsymbole, league of legends, logfile, metin2, mozilla, mp3, programm, registry, rundll, scan, security, software, svchost.exe, teamspeak, tower, vista, whitescreen trojaner, windows, wscript.exe |
Textbox. 
Linear-Darstellung
