Internet Explorer 9 öffnet im "Schnelldurchlauf" die Homepage und stürzt dann ab.
 

So. Nach ein wenig eigeninitiative (Versuch das Problem durch google durchschauen zu lösen) gebe ich nun auf. Und muss nun um Hilfe bitten.

Ich habe bereits ein Malewarebytes Log, ein OTL Log und ein "Extras" log.

Ich will es übersichtlich halten. Wo werden die OTLs gespeichert?

(Sodass ich sie dann einfach hochladen kann.)

Bin ziemlich neu in solchen Sachen. (Habe aber eine gute Aufassungsgabe :zunge:) Also, wie oben gefragt. Wo werden die OTLs gespeichert?

Diese Fragen sollten dort beantwortet sein => http://www.trojaner-board.de/85104-o...-oldtimer.html

Mmh... Dateien scheinen zu groß zu sein.
Bleibt mir Wohl oder Übel nichts übrig als "Copy und Paste"

Mbam Log.

OTL Log

OTL Logfile:
OTL EXTRAS Logfile:
--- --- ---

--- --- ---


Extras Log

OTL Extras logfile created on: 16.03.2011 17:42:02 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Gamer-Pro\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 230,93 Gb Total Space | 34,08 Gb Free Space | 14,76% Space Free | Partition Type: NTFS
Drive D: | 1,95 Gb Total Space | 1,70 Gb Free Space | 86,86% Space Free | Partition Type: NTFS

Computer Name: GAMER-PRO-PC | User Name: Gamer-Pro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Users\Gamer-Pro\AppData\Local\Kamuse\KCSTrayDownloader\KCSTrayDownloaderEngine.exe" = [String data over 1000 bytes]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0340D9E8-F84D-4A03-8C1F-85E2DD3D0A2E}" = lport=137 | protocol=17 | dir=in | app=system |
"{03CE963C-B5D4-4BCA-9285-9FBEFF60143E}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 |
"{03E0341C-14C3-41F1-9535-9A4AEB94FE93}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0649C2DF-9339-4405-BF0E-D219C6CA93A8}" = lport=10002 | protocol=17 | dir=in | name=blackshot |
"{0AB01CFA-D9B8-42A7-BC8A-E57F2D366DF7}" = rport=138 | protocol=17 | dir=out | app=system |
"{0CA71C90-3C07-4B46-94A0-B0BA364E8E4E}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{10AA8869-7E95-4972-A274-CA39276D7C1C}" = lport=1701 | protocol=17 | dir=in | app=system |
"{136AD204-E932-4088-8514-C9041C7BD165}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{181B6416-58D7-4954-AEBD-EE78FB52F6F9}" = lport=25565 | protocol=6 | dir=in | name=minecraft |
"{1A902E78-7B27-4831-87A1-627A44CAD0F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1CB8AE30-8A5C-43E9-B302-C77695087CD5}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{1D01BB03-9141-4A1E-A43B-357FA355DED9}" = rport=139 | protocol=6 | dir=out | app=system |
"{201E86B5-48DF-437F-A35D-025CE7C2DE3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24C5E23F-6DEC-43A3-86F7-DA2713547AE0}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{27A46181-09CC-4593-93F2-DAFA91B33ABC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2E332593-2A8E-48C7-932E-B9F3B94CC264}" = lport=443 | protocol=6 | dir=in | app=system |
"{3144462F-DE00-4DBE-8A04-A22AB338A6C8}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{32938BB3-F56D-42CB-896E-A336BC26B32E}" = lport=5985 | protocol=6 | dir=in | app=system |
"{3416B95A-47B7-43FD-994E-158890959DFD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{407134CC-EB23-4450-A145-C6024BCB4BE3}" = lport=49166 | protocol=6 | dir=in | name=akamai netsession interface |
"{425A6701-17E7-4863-A434-D41759957B65}" = lport=56794 | protocol=6 | dir=in | name=pando media booster |
"{431CDAB6-D906-4631-9672-B2E6A4B84759}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{47173DA7-3D0A-4314-BA63-72ED1FE95280}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{47419AF1-63DB-42C1-985F-CE2DCD13091D}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{491850AE-1A7A-462B-B8B7-F8C6DD736FFB}" = lport=30001 | protocol=6 | dir=in | name=blackshot |
"{499A148A-45A2-463A-B6BA-062849A55A2E}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{4AFC3587-39DB-4960-BED6-48CDB9A98087}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{4F1AE387-43CD-4736-B681-AEF6234997EA}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{52180637-0A24-4BFF-85A9-0991280211D5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5B523CAF-6169-4455-8592-1B6B8ADC7F9A}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{5CF6FE45-C0AD-4101-B35E-36FC4C892127}" = lport=445 | protocol=6 | dir=in | app=system |
"{5EF80652-B25A-49E5-B2F6-6BEC25D5C5E3}" = lport=10003 | protocol=17 | dir=in | name=blackshot |
"{5F0461BB-1945-486A-8271-AB34A50B50BD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61717BC7-2243-49EC-81E8-73D0CE675149}" = lport=5357 | protocol=6 | dir=in | app=system |
"{6530BABA-3AC4-4B6C-ADCF-BC0E0132C397}" = lport=2869 | protocol=6 | dir=in | app=system |
"{692F299E-F4BC-4864-9935-C8FCD3BE3D95}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{6B88EEB2-603B-4A2F-98F8-27DEF4067387}" = lport=1688 | protocol=6 | dir=in | svc=slsvc | app=c:\windows\system32\slsvc.exe |
"{6CC2E705-FA71-4FC7-A4B3-34F270D015CB}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{6D8B9D07-AA9E-4B7F-8CB3-625966C450AC}" = lport=445 | protocol=6 | dir=in | app=system |
"{707C42D6-3AC2-4120-9C62-06FD9E19414B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{74560A8E-D56F-4D07-BE4A-3ABC83C22B1C}" = lport=56794 | protocol=17 | dir=in | name=pando media booster |
"{79129C4D-1D2F-46AA-B3EE-5888A57B8C0C}" = lport=138 | protocol=17 | dir=in | app=system |
"{79B399AF-A16B-4AEC-81D9-9B60F5087FBB}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{7A2AE80D-644C-4EA6-B5B6-AC3E921B9367}" = lport=139 | protocol=6 | dir=in | app=system |
"{7AA45724-4069-4E85-9D61-ACBF785AA8A8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7CC3BC4B-A25A-40E1-A56F-EDE40425A80F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{7E69064C-2760-4D87-A8A7-2DB221D54A72}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{81940798-7461-4706-B222-7F360634F7C9}" = lport=10000 | protocol=6 | dir=in | name=port |
"{87C88DEF-C581-48A8-804D-352680E13A1E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{8DD6A048-FF28-4CD2-A688-72E81C1DE00D}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{8F9068F3-610D-4018-B831-630E63352002}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{9014DD8A-99E8-45F6-89F8-77DBC06FA171}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{90EADA6B-7B97-4EC0-92A8-668938974978}" = lport=2178 | protocol=6 | dir=in | app=system |
"{9271974F-39BF-47BD-A79D-9CBC9F856AF4}" = lport=25667 | protocol=6 | dir=in | name=mcadmin |
"{9669A151-6E85-4AF4-9A61-453B03FD9DE4}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{9C0A19EF-8B1C-4A1C-90FD-9AD99AB13005}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{9D3ED0E0-FC5F-496E-AA9E-813461C53A7D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{A1613FF0-DAE4-4504-9607-E8C722274358}" = rport=2178 | protocol=6 | dir=out | app=system |
"{A409FEC6-DA2F-414C-B2F4-B02273945904}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{A65A7118-4183-4EF4-8705-90F7D5C838E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A92ECADB-837B-45F9-B5A5-FCE04C1063EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{ADBCF71E-C149-4C5A-A00A-790E3C41948C}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{B112E20C-2951-4674-A783-FAF9491F2842}" = rport=445 | protocol=6 | dir=out | app=system |
"{BA134E9E-D82E-44C0-B4F5-96B061E887CB}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{BA926FEA-8F27-4B7B-B7D9-454221962AE2}" = lport=1723 | protocol=6 | dir=in | app=system |
"{BB49EF0F-8DF1-4536-B6F6-DA0010F95BE3}" = rport=5358 | protocol=6 | dir=out | app=system |
"{BBC913BA-ED3C-4666-AEF4-EEE371946487}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{C202AD1E-D252-4654-B7BC-500765E0BE25}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{C2AF3C1D-A8D7-4B84-A664-D17DAD9092EB}" = rport=137 | protocol=17 | dir=out | app=system |
"{C46C286F-E042-4C3D-B527-3F7095488279}" = lport=445 | protocol=6 | dir=in | app=system |
"{C4805B29-2B41-4282-BA12-6CB89476B7A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{D0E42379-B12C-4F22-BB2F-CF40E8F6DD2A}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{D4828DFF-6E8B-4066-B1EA-4C45BF1A9FD1}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{D5375D8E-204E-47F6-BC59-9C78BDC75938}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6C5C3F3-F2C1-40EA-A307-1DC842DB7E45}" = rport=1723 | protocol=6 | dir=out | app=system |
"{D73AB454-28A1-4F0C-B512-8D5D60E528E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8F3236F-C881-41F8-AA0C-F983E585C6C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCCCB891-96E3-424B-A827-6C61F7DFEC20}" = lport=57110 | protocol=17 | dir=in | name=pando media booster |
"{DEF94C6A-8AE6-4D60-B7F7-BE833FA0631E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{DF8FE780-C7C2-48C5-AD42-083A756971F0}" = lport=12000 | protocol=6 | dir=in | name=blackshot |
"{E1443FA6-1D78-4BCC-A385-F443CC1DEA25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E57BA087-B837-41DD-A35D-5A56BDEADCDA}" = lport=57110 | protocol=6 | dir=in | name=pando media booster |
"{ECAC3BDF-C1B9-4383-BE97-35CF15FADD8F}" = lport=5358 | protocol=6 | dir=in | app=system |
"{EDF00113-2945-4D29-A9BA-E32D91E69669}" = lport=445 | protocol=6 | dir=in | app=system |
"{EE86F3E8-8218-4C88-AAFC-D8B745712D49}" = lport=50302 | protocol=6 | dir=in | name=akamai netsession interface |
"{F21D39F4-9E12-48F8-9AC9-27282C6CCF26}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe |
"{F2DA43BB-85B6-4C22-BB27-69745A0D670E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{F38E25D1-8A0F-4E81-8CF5-7F25B8EE1A4B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F43E3141-A5F7-43B9-B153-85D5C697B305}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{F759D9ED-8B9A-4C2C-BB2C-714709D8372A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F884D324-AEAE-4C9D-BD4E-8F40690FCCD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F9DC9720-0700-46D5-A75D-6DF9B7419DD5}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{FBA9D1F2-9F20-4C61-B188-0E459BA92FC6}" = rport=1701 | protocol=17 | dir=out | app=system |
"{FD1E56AD-DC25-41B5-B175-307876784DF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{FDE2A457-5592-4B9B-830E-8E7DB12C7898}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FE79851C-CE8B-4F91-AB0C-717E4E4294E7}" = rport=5357 | protocol=6 | dir=out | app=system |
"{FFFD26EF-0F7A-47F1-926E-3DC5D4C23704}" = lport=80 | protocol=6 | dir=in | name=hypergts.exe |



Ach, und nochwas. Das ist der PC meines Sohnes der da nicht so richtig funktionieren will. - Mit den Shootern dort hab ich Persönlich nichts am Hut.

Und es wäre nett , wenn du mich auf "Dubiose" Dinge hinweisen könntest.
(Mein Sohn weiß ganz genau was ich von Software Piraterie halte.)
Ich sage ihm auch immer. "Lädst du dir sowas runter, brauchste dich nicht wundern, das dein PC mit Viren überfüllt ist.

(Da fehlt noch ein Kleiner Teil vom extras log)

Also. MFG Jörg.

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026CE01C-2819-42E6-A90A-30615D561529}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0345808C-6766-47D3-9D51-B21A462A93FD}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{0357A389-A6A4-437E-8922-12895CF2C3A7}" = protocol=17 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe |
"{04D2389A-4E7E-41EE-B8AD-3996E3D22D94}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{04EE0AD0-77EF-4EB7-965D-911FFCCA75C0}" = protocol=17 | dir=in | app=c:\users\gamer-pro\appdata\local\microsoft\windows\temporary internet files\content.ie5\f1pt1xib\index[1].nhn_from=desktop |
"{0A39113D-D74C-416E-B2D7-65AF799A39F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C8B0E0C-4B6B-42B9-A3B9-9459606DF097}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{0E5EF86B-F430-4870-8FEA-80689E898E9F}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{117B9245-3E1C-4618-B30F-3AFF3CEC7898}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{13EB349E-583E-4B66-ACA7-2721D35CE156}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{14F681BC-D89A-4A65-A7DC-2CFD6A0B4B92}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{17265F8A-2ED1-4C8C-B59E-5F33E17B5CDF}" = protocol=17 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{1BF38A9D-BFBB-478E-8E7B-DE955ABF0548}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{1C61A8B2-1716-4CC8-9E3F-7658F04BA6EE}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{21597371-23D5-4FC0-AEC8-E7838AE6D143}" = protocol=6 | dir=in | app=c:\ijji\english\ava\binaries\ava.exe |
"{22A697ED-6D7A-4EB1-80D8-B83C16A569D0}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{22B43FFA-6C28-435D-BF5A-91018FA75720}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{230422D9-F1D6-4F7C-935B-B890E2EDE83E}" = protocol=6 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gameguard.des |
"{255407FF-268B-4B36-A38F-FA101C4376DC}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{2846B53B-3744-4FCE-9B94-947A3F485A8C}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{29815ED1-D786-48F5-8CC0-9C53FCF8466B}" = protocol=6 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{2EE7B4FE-42AC-4C17-9782-3762692A0771}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqimeregdict.exe |
"{314484BE-EC76-4011-8ED2-CAD407262A5A}" = protocol=6 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{347C1239-DA85-409A-B10B-311E3D81B7A3}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpyliveup.exe |
"{36384461-8C71-45DF-A349-E6BC791140F5}" = protocol=17 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{3C635A5F-56D9-41CD-98CA-2A0DA1F3F89A}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{3E2B8CD3-192D-4D5B-8F06-743EAAB1E58C}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqimeregskin.exe |
"{3E409EA2-DBF1-4F28-B466-AB63C7DBD333}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3FB64F9F-DA01-4398-914C-5A10AFEA33D8}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpylevel.exe |
"{42E84542-1EA2-4527-945D-78BB12E497EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{43F4DEB8-0F4A-4F3C-BCE6-1B662EFD1739}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{4545D6F2-3D3A-451A-A23D-94486A874B99}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{47D69719-29FC-4B72-BDF5-7363ADFC71A9}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{483489A2-6B0D-4484-97C4-DE5FFDF11D38}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4876541C-6EAB-4A1B-8E20-938165F48ADC}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearmp.exe |
"{4EC2AC76-5288-4B52-8D3A-9997171D7288}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5055852F-90E7-4B2D-B65B-DD3C6480C522}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{50F209EC-A987-435B-8AD7-922C05C0D4FB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5167F569-D9F5-4F32-92A1-43EC9D3FC651}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{52B6E4D6-8131-4D14-81C2-165538F5FF65}" = protocol=6 | dir=in | app=c:\sg interactive\project blackout\pblackout.exe |
"{552DD624-7ED9-4B1A-BC12-2B66E13D95E6}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\live!\live.exe |
"{569474D0-1896-4415-8EB3-1D87E33D864E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{56D13F06-ECFD-40EE-8A71-321B972B0C36}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
"{57FE6EE3-2BCC-463F-8D1B-BFA6C91106CD}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{59AB07D2-F39B-4742-A4F8-2947B10034CB}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{5E10CC13-325F-48BC-91FC-D4B4BF0D2FB0}" = protocol=6 | dir=out | app=system |
"{5EFAB899-081B-451C-A46C-B43A9AD10517}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqwubidownload.exe |
"{60CE92C1-F0FE-4BC8-A360-738E4B19BD97}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\war rock\wrlauncher.exe |
"{63724DCC-1C07-4F51-8D2C-E2023ED1F321}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64232480-C95F-44C6-A241-14B5EBFEBCC2}" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\minecraftsp.exe |
"{66BF9872-DA0F-42D1-8909-F525A6E8EC2B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
"{683FB1C8-9E0B-4574-9188-83410A0C54B8}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe |
"{6CE35222-5540-4790-A8D7-8614C9E1938F}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpylevel.exe |
"{6DC6070F-1A09-471C-B18E-29F2B1F925A8}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{72B4E865-1554-46EB-ABA3-D9C325FC53AE}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{72BE44AE-5965-4E8A-85F4-D94B69621048}" = protocol=17 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gamemon.des |
"{73C4D376-5CA0-446F-9224-2346E09BE8B4}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqwubidownload.exe |
"{76DB7B71-6258-44D2-ACAA-DE0EAA4E25CE}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7A6CC12B-6EE7-4B58-960B-79678622CDDE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7AC21713-26A1-4A3B-8BA4-6CD1CF4B608C}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{7C3CE811-96BD-4701-ADED-C4C1491DC438}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{7DEE332E-84B2-4FE3-8EFA-95EC701E0CF7}" = protocol=17 | dir=in | app=c:\program files\techsmith\camtasia studio 7\camtasiastudio.exe |
"{7F1DFEA0-6BBF-483D-8EF8-4DA5D1C07776}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{81F7199D-6D33-4E1A-8EE7-1D00EA912912}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8228C7A2-13F2-4F67-8D04-65B15CBC38BB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{8234AD70-BB14-463F-8BEA-971776BD7DE4}" = protocol=17 | dir=in | app=c:\users\gamer-pro\downloads\sweetimsetup.exe |
"{835BA0AC-1E93-417C-9EB3-569E4AEFE388}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{84270526-CBD7-4FE1-9FCF-1F5DF52E4079}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{86359691-B955-4856-B76F-EC921BAFA82E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{89E17BE2-FA30-400B-9F0E-FF5662F22DA7}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8AD84060-2850-4C25-88C9-3B6248C00DF9}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{8BEEBAE4-C124-449C-BC9E-CFB1F81E0C12}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8F0F1428-9307-491D-B406-0D0DA2C58ABA}" = protocol=6 | dir=out | app=system |
"{91A07A67-C7D1-4349-9C2F-083B95BF48CD}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqimeregdict.exe |
"{9233B81C-7DCC-464A-9805-E20ED2DEB0E6}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{956F3AEF-229E-4BE5-9CB9-015B0F660A8F}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{97AC6212-9B70-40CC-875F-1505DC8B0878}" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\minecraftsp.exe |
"{999DD7EC-13FE-4F6C-AF96-D2915EBD57AF}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqimeregskin.exe |
"{9AC48DF8-760E-403B-8BB7-2B864857E930}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpydict.exe |
"{9BDE90A8-6CCE-42F5-BAE3-38B4FBC53E03}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{9CDDC962-1126-4826-84F1-213D9A66F657}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{A0AD84F6-BFE5-47BB-8C1E-FB8933366AC2}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{A1153E2C-E9E2-45C8-86BB-BF214BE638C4}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{A5770322-33EB-4C85-862B-9AC72A3A34DA}" = protocol=6 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gameguard.ver |
"{A72F8355-BDC9-4790-9F73-F36C14D43D4F}" = protocol=17 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gameguard.ver |
"{A9A7C0FC-82C4-4845-BF70-C4FA596F57EE}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{AA324133-BD21-4E7B-BF7C-88D17270F16A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC8B2A8F-894A-4DC8-8969-2BEA7E7A4E8E}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{ACE6F5C6-A7EE-4DDB-B7F7-59DEE21D950E}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\live!\live.exe |
"{AD59A577-8C1A-43FD-93E5-E6B6565C9AEA}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{AF341AB2-325F-41CE-985F-74E81E271DE1}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{B13072D4-A1FF-415A-A316-6B9E69EE2E78}" = protocol=6 | dir=in | app=c:\users\gamer-pro\appdata\local\microsoft\windows\temporary internet files\content.ie5\f1pt1xib\index[1].nhn_from=desktop |
"{B48023C2-4D8E-469C-B8F4-FDADBB151B92}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{B5415CFA-CD0C-432B-BA76-D249E3CD8660}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{B5C28F31-C25C-4FBA-A595-1BCAEF56D5CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B5DA12BC-5701-498E-A3B4-6262B5FF431B}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{B718B238-E73C-4107-90EB-6C5361591AA1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B8EF26EF-691B-4E14-A9B1-D414C57F62D5}" = protocol=6 | dir=in | app=c:\program files\techsmith\camtasia studio 7\camtasiastudio.exe |
"{B9E5477A-4DCD-4A64-AC71-56FCE49A82FF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{BB8E7765-0647-4818-8EE7-79BFB94FA2DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD975365-4104-4644-AA5D-01B44A89C2EA}" = protocol=17 | dir=in | app=c:\users\gamer-pro\appdata\local\temp\ijjioptimizer.exe |
"{BDFBFF4B-9C48-4ED3-BBF6-2131B8A1C185}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C1110ECB-8861-4705-80D7-C0C15927259B}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\war rock\wrlauncher.exe |
"{C1B092C5-2067-4B8C-A40A-C697760D61FB}" = protocol=6 | dir=in | app=c:\users\gamer-pro\downloads\sweetimsetup.exe |
"{C205E077-152B-4EE7-8C26-C07CF6865984}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C2A1DCD3-1354-47EB-8D95-89240C3CC254}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpyliveup.exe |
"{C47248CA-9063-4C82-A2E5-851B37DF1B40}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{C8F02CB9-3F41-4D9D-9005-FB7C16E28E74}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9E00E39-F923-43F2-BD08-CD0EA7CB4F6A}" = protocol=6 | dir=in | app=c:\users\gamer-pro\appdata\local\temp\ijjioptimizer.exe |
"{CB663394-17E5-4BF5-AB7F-476F8636E110}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{CC197DA4-B2E2-4050-ABAE-E4047290CC0A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CC6E42F5-D236-4CE8-9897-CC1E98FCD20E}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{CDCEDEA5-3221-4B06-A1CB-9FCAB30244F6}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{CEB6571E-DB4C-464A-ABF0-485B120D1193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF36C0A3-C22D-4CFF-BA58-817FBB13F44B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D2753932-4737-4330-B28E-0C67E98FE43E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{D2FDDB14-9893-45B5-B656-794B8924DC33}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{D804E996-A15A-4B94-B317-BC2418D19942}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D828B908-79EE-4336-BA16-9F0F58866BA0}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{D86B1C95-BF00-496F-8884-F891B40C4E3D}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{DC07E1E1-C6F1-45FD-85E4-6C878FBD1B29}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DD87330E-A784-4D4C-B8DD-0D822988AF50}" = protocol=17 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gameguard.des |
"{DF3C5282-026E-4927-9CE3-059322FAF383}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{DFC10D31-2139-4139-B220-BB011C006A82}" = protocol=17 | dir=in | app=c:\ijji\english\ava\binaries\ava.exe |
"{E4CFA707-9025-4AB1-81E4-4CAE2B283659}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{E5F235FA-5A53-4B9D-B89D-2C00F7ABCCF2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{E735C61D-46CE-4F7A-A669-9B0688191F1C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{EAB97194-86E7-49EC-960B-3B6894269D3E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{EBB49147-B8A2-459A-A702-EB95988349D0}" = protocol=6 | dir=in | app=c:\ijji\english\ava\binaries\gameguard\gamemon.des |
"{EC70029B-CFD3-462F-ABCE-27A2F07F4718}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{EC8F5E95-1D2B-454D-B937-E005A4A3ACDF}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearmp.exe |
"{EFC4F379-AA03-4A49-8376-D9255D71F0E4}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpydict.exe |
"{EFF54DF7-F442-4CAB-BB30-CB782301E7F3}" = protocol=17 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpyconfig.exe |
"{F0CE3F0F-C078-48F9-8BA4-C2F4AF8B5884}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"{F11CE493-5D2B-41DA-BED9-892DA10965C0}" = protocol=6 | dir=in | app=c:\program files\tencent\qqpinyin\3.2.805.201\qqpyconfig.exe |
"{F144DB97-C65D-466A-B7FE-49615282F189}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F4A28C1A-BD6C-423F-8191-408E9EF881B1}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{F4EEEE58-E3D1-43EC-8025-504237CA6D7D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{F5E0B1BE-E509-41AA-BE58-F1D00AFFFD6B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FB692B37-0B35-4CAA-9C45-7F042717B086}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFF57C43-E33B-44B8-A72B-16FCA96C191D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{065ABC14-634D-45C8-B50E-EFB92BDD27D4}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{06A7C9E7-DC6B-43E7-AA25-D241E022AB7A}C:\users\gamer-pro\desktop\hypergts\hypergts.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\hypergts\hypergts.exe |
"TCP Query User{0AB810ED-1A1D-49D5-ABD3-41EBD1A8E8FD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{0CA67FDA-BA90-4636-BC08-E6F467B5041D}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe |
"TCP Query User{30DB6CA5-266D-40A1-B457-3F33C0DC08C7}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{346A7B96-A4E3-4B5C-A339-FE006C4150B4}C:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"TCP Query User{4448E775-41C7-4C52-B103-4771ED3DF96B}C:\program files\counter-strike 1.6 v35\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 v35\hl.exe |
"TCP Query User{46AD97C6-941E-4D40-99E8-AA83761D6019}C:\users\gamer-pro\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"TCP Query User{49F43BFF-A7DE-4525-A17E-C13D8BA29FB0}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{4BCD0C9A-54F7-4339-A65B-D2DEA5AE8794}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{4C390726-14DA-46D5-9A26-4085F48460BB}C:\users\gamer-pro\desktop\neuer ordner\launchserver.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\neuer ordner\launchserver.exe |
"TCP Query User{4CC01F0B-5730-42F9-91A9-CCEA90367F42}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{4D35F2B6-28D4-44AF-9B93-F2F054B47F48}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"TCP Query User{4E96D9C3-0B85-4DC8-A496-B577B8E7A5BF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5253149C-D6E0-4219-B616-60C62BF10F3F}C:\users\gamer-pro\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\program files\dna\btdna.exe |
"TCP Query User{584027E3-72D0-4D7E-87BD-2F2B18AF7216}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{59EFD7C3-FB91-485E-BD9E-3B6BC5285197}C:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiß wohin sie gehören\hypergts\hypergts.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiss wohin sie gehören\hypergts\hypergts.exe |
"TCP Query User{5E043488-C40C-4C75-8C62-CEF5ADB54B94}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{62503B94-E1C9-4DFA-A535-27D093D29BEF}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe |
"TCP Query User{6D9F7FFC-4AA6-4CE6-B4DF-9B5C03A081E0}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=6 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe |
"TCP Query User{82E62ACA-0BA6-40B6-902E-E28320B09F8B}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{82FF8376-E9EA-4B33-969D-1CF39471E75C}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{85211709-7BFA-42A1-BD9F-BB45A30A5849}C:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\mcadmin.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\mcadmin.exe |
"TCP Query User{86FFE72F-EABE-4FDB-9629-60CCFE425282}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe |
"TCP Query User{8E5E165C-03B6-40DE-BD44-26A6EA9C24E8}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{9E2A11BA-C4B9-4559-88FA-D121FA9CDBC6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A5AB4B1A-8A22-4B9F-AA02-1B3E101857F8}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{AEC597C7-25F6-43EC-ADAB-07B5BFF2C4FD}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{B0764E86-07C7-4034-A90C-F9766B920E03}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B4CADD24-EB14-4045-A5F2-0DD8912946AB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{B51B2ABC-73D1-4AF1-B0DD-765A1071934A}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262.exe |
"TCP Query User{C5C0FADE-7CA7-4BEE-A230-C91A5A86C11E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C614EB58-BF7F-4B7A-908A-31182CA09E34}C:\program files\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - black ops\blackops.exe |
"TCP Query User{CDC795E7-DEE5-4CCB-98FE-23EA120DB866}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262_slim.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262_slim.exe |
"TCP Query User{D1A865F2-25AD-4840-A186-061F891137DC}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{D58B77D6-97C6-4986-8B5E-2227CB7B3E51}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{DAAB68D3-41D3-43E6-A34F-798D9274EF65}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe |
"TCP Query User{E05C17D0-B5C1-4E81-93AC-29FC97539822}C:\users\gamer-pro\downloads\counter.strike.source.2010.orange.box.nosteam.[setti]\counter.strike.source.2010.orange.box.nosteam.[setti]\counter strike source 2010\hl2.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\downloads\counter.strike.source.2010.orange.box.nosteam.[setti]\counter.strike.source.2010.orange.box.nosteam.[setti]\counter strike source 2010\hl2.exe |
"TCP Query User{E0CECDE1-7C60-409D-81C6-02AC03EE5AB9}C:\program files\steamless counterstrikesource pack\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steamless counterstrikesource pack\hl2.exe |
"TCP Query User{EC826970-9D7F-47E1-8582-632D3E16C919}C:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiß wohin sie gehören\hypergts\hypergts.exe" = protocol=6 | dir=in | app=c:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiss wohin sie gehören\hypergts\hypergts.exe |
"TCP Query User{F33067DB-FB5D-4266-BBF1-5866E06C168E}C:\program files\counter strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter strike 1.6\hl.exe |
"TCP Query User{F9CEB216-73E5-423A-9D1B-0A88C1E34FEC}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{04514E41-1262-402A-8D2A-D7BB6283C672}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262.exe |
"UDP Query User{123A4EE0-6C30-4C46-9FF4-B6FEE81C3BB7}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{1A506AE2-9547-4AE8-ABE3-AC06557130ED}C:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"UDP Query User{2121CD03-51BC-476D-9D7F-2D10F7929E37}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{21A0CCEA-1D3A-4D7D-88A1-39497974373B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{277D72BB-3948-4933-B655-AB4F59A3CB95}C:\users\gamer-pro\downloads\counter.strike.source.2010.orange.box.nosteam.[setti]\counter.strike.source.2010.orange.box.nosteam.[setti]\counter strike source 2010\hl2.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\downloads\counter.strike.source.2010.orange.box.nosteam.[setti]\counter.strike.source.2010.orange.box.nosteam.[setti]\counter strike source 2010\hl2.exe |
"UDP Query User{2D186F08-8BE4-4BC1-9CF7-F83BEAD8E7BB}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{332428F3-1865-4DE2-80E3-36440B488025}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{43E4726F-B77E-485D-AF14-A2E2E0104AC7}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe |
"UDP Query User{4B36B077-0009-4CE1-97DF-F66261880607}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{4D21543E-4309-4221-9D2A-DCD478DDA210}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{56AD3BF4-DC97-40D2-AC24-C7347AA6F50D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{5AED11E3-2AB3-4190-AA4C-3A792DAA3DE8}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{6173626C-63A4-4FB0-B555-8B44E646E822}C:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiß wohin sie gehören\hypergts\hypergts.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiss wohin sie gehören\hypergts\hypergts.exe |
"UDP Query User{627A30BD-3FF4-4D8E-9F06-6BC6081EF943}C:\program files\steamless counterstrikesource pack\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steamless counterstrikesource pack\hl2.exe |
"UDP Query User{719B0323-E642-4AA9-AC8E-C4BC81542390}C:\program files\duty calls\binaries\win32\dutycalls.exe" = protocol=17 | dir=in | app=c:\program files\duty calls\binaries\win32\dutycalls.exe |
"UDP Query User{72B94C19-39EA-4081-9AED-E20E9EC3FEE2}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{7D4D4F27-22D6-4C6F-97B0-5FA58CA39214}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{846A689F-D030-42EA-98A5-E315276FB40C}C:\program files\counter-strike 1.6 v35\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 v35\hl.exe |
"UDP Query User{8D581E28-1E24-4EE1-88C0-B1057B6B7325}C:\program files\counter strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter strike 1.6\hl.exe |
"UDP Query User{929B03FB-CDE7-4187-8900-B450B92487BC}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"UDP Query User{9474584D-9330-4B26-A989-40B8DAAAF1CE}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{94AFBC34-B77E-46D7-B42E-76809BC0CFCD}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{A159C74A-4DCA-4FF5-81A3-377BB723DC18}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{A21D0772-DCF2-4D82-9056-0EFB40E64838}C:\users\gamer-pro\desktop\neuer ordner\launchserver.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\neuer ordner\launchserver.exe |
"UDP Query User{A2301F86-A595-4EF8-8D59-811391A77F88}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe |
"UDP Query User{A36B99A4-A3FB-4F11-8D5F-EF3374915C14}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A7EE1DFA-94D2-420C-8833-FDE159CBDC01}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{AEBC2C55-49FD-48B2-9D40-EEA4770C6AD1}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe |
"UDP Query User{B35E97F4-28ED-45A9-9DF7-58C4526FBC6C}C:\program files\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - black ops\blackops.exe |
"UDP Query User{B6536A9A-5DED-41F6-867F-172293964E0A}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe |
"UDP Query User{BECED517-F098-426E-9E3E-EC88008620B4}C:\users\gamer-pro\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\appdata\local\temp\7zipsfx.000\cf_downloader.exe |
"UDP Query User{CACD2BFD-B238-4A55-BD61-6F933D1F4117}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{D3C62650-4250-4F76-9D66-5FB8D033E13E}C:\users\gamer-pro\desktop\hypergts\hypergts.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\hypergts\hypergts.exe |
"UDP Query User{D41381E3-8DB4-47D7-A412-81E753F250FA}C:\users\gamer-pro\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\program files\dna\btdna.exe |
"UDP Query User{DE880ED2-072E-4A08-8F38-8D354CD4F868}C:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262_slim.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\downloads\yuleech-runes_of_magic_3_0_5_2262_slim.exe |
"UDP Query User{DFDD38B3-F9D5-4454-8DB8-18DF1399556D}C:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiß wohin sie gehören\hypergts\hypergts.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\alles sonstige wo ich nicht weiss wohin sie gehören\hypergts\hypergts.exe |
"UDP Query User{E300BE90-C652-4B5B-A0EA-BBC06159B85B}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{E85CC5A0-9701-41CB-B0AA-ECBDA5CC55A3}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{F1136881-9FA8-4E00-AC06-82842CA277D6}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{F15D6886-3710-42FB-A8B3-566FDC7A115C}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{F4512AF9-CEA5-42D7-96D0-80B1295095E0}C:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\mcadmin.exe" = protocol=17 | dir=in | app=c:\users\gamer-pro\desktop\aufgeräumte spiele\neuer ordner\mcadmin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{17C58D81-1544-46C1-9B97-D99BECAF4509}" = HP JavaCard for HP ProtectTools
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7
"{1A621A2F-98F6-4373-89A2-8ED16076990A}" = WinRez LT Studio
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22877DAE-EA0A-47BB-9DB3-47D46CFF885F}" = SlimComputer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C8CDDCF-D09A-11DF-8BB6-0013D3D69929}" = Vegas Pro 10.0
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{49058C21-E4F6-4A99-B715-D62715E0A2A2}" = Vegas Pro 9.0
"{494420A9-5F25-457B-9BBF-228E6A73B94B}" = MAGIX Speed burnR (MSI)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.0.4
"{5EB3F5E2-1533-42D2-97C2-E0BA06CA6939}" = GenesisAD
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1" = BigMacroTool 1.5
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{674636D6-F844-4ACB-AA56-3F4E55F172D6}" = SlimDrivers
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EBF5C73-D05A-485D-AB60-E557F9947359}" = Oracle VM VirtualBox 3.2.10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732799C0-7785-43C5-8496-71546A062992}" = SuddenAttackNA
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{78584C1B-8F7B-4B24-80D1-02B309F67AB3}" = Privacy Manager for HP ProtectTools
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7D8DBB7C-1C55-4950-A107-043C164F379A}" = Altiris Software Virtualization Agent
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8215AC14-BFC2-4ECC-96D6-1030202F8BDF}" = Visual C++ 8.0 x86 Runtime Setup Package
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8791DF85-6CCB-4A58-B48F-30BEF9183940}" = MAGIX Video deluxe 17 Premium Video Plugins
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8EF276E0-1D97-4B9D-BB29-013165F567CA}" = MAGIX Video deluxe 17 Premium Download-Version
"{8FB91814-FE42-4B62-9B54-4B677A420715}_is1" = CLEO v3.0.950
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BA10AC78-E687-4523-8B93-540428FC256F}" = Fahrenheit
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C0EC00E5-A2DE-4700-B731-92BC50B53DFA}" = HP ProtectTools Security Manager
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{CE9FEF4B-B88C-45DE-B89A-42BEAE7D6601}" = SlimCleaner
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAD6325D-55CF-4D30-9DB9-2ADFE02D0777}" = MAGIX Screenshare
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE1AE5E9-6ECE-4ADF-A28A-56A981E138D4}" = Credential Manager for HP ProtectTools
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6CBE802-676B-4892-AC47-A6D8FC65D140}" = BIOS Configuration for HP ProtectTools
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4
"avast" = avast! Internet Security
"AVMWLANCLI" = AVM FRITZ!WLAN
"BlackShot" = BlackShot
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"CSI-Mord in 3 Dimensionen" = CSI-Mord in 3 Dimensionen 1.0
"DFÜ-Optimierer" = DFÜ-Optimierer 1.40
"DivX Setup.divx.com" = DivX-Setup
"EpicBot" = EpicBot
"Eternia CrossFire" = Eternia CrossFire
"Evil Player" = Evil Player v1.31
"Fraps" = Fraps (remove only)
"Half-Life" = Half-Life
"HECI" = Intel(R) Management Engine Interface
"HyperCam 3" = HyperCam 3
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"lvdrivers_11.70" = Logitech QuickCam-Treiberpaket
"MAGIX_MSI_Videodeluxe17_premium" = MAGIX Video deluxe 17 Premium Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MESOL" = Intel® Active-Management-Technologie
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"midicase Toolbar" = midicase Toolbar
"Mission Against Terror Online_is1" = MATonline2.1.6.321
"Mozilla Firefox (2.0.0.15)" = Mozilla Firefox (2.0.0.15)
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Firefox 4.0b11 (x86 de)" = Mozilla Firefox 4.0b11 (x86 de)
"Mozilla Firefox 4.0b6 (x86 de)" = Mozilla Firefox 4.0b6 (x86 de)
"Neffy" = Neffy 1,3,29,0
"NosTale(DE)_is1" = Nostale(DE)
"OpenAL" = OpenAL
"Opera 11.01.1190" = Opera 11.01
"OPERATION7" = OPERATION7
"PDF Complete" = PDF Complete
"PE Builder_is1" = PE Builder 3.1.10a
"PlayClaw 1.8 build 760" = PlayClaw 1.8 build 760
"PunkBusterSvc" = PunkBuster Services
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RealPlayer 12.0" = RealPlayer
"Sandboxie" = Sandboxie 3.50
"SimpleScreenshot" = SimpleScreenshot 1.30
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 400" = Portal
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"TeamViewer 6" = TeamViewer 6
"TmNationsForever_is1" = TmNationsForever
"Unlocker" = Unlocker 1.9.0
"uTorrent" = µTorrent
"VistaGlazz_is1" = VistaGlazz 2.1
"VLC media player" = VLC media player 1.1.7
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Opera Update Checker" = Opera Update Checker
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinSetupFromUSB" = WinSetupFromUSB

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 09.03.2011 09:46:37 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.03.2011 10:09:08 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.03.2011 11:07:50 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.03.2011 12:25:39 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.03.2011 18:38:00 | Computer Name = Gamer-Pro-PC | Source = Application Hang | ID = 1002
Description = Programm Videodeluxe.exe, Version 10.0.0.32 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 13b8 Anfangszeit: 01cbe036b5605854 Zeitpunkt
der Beendigung: 82

Error - 11.03.2011 18:56:19 | Computer Name = Gamer-Pro-PC | Source = Application Hang | ID = 1002
Description = Programm Videodeluxe.exe, Version 10.0.0.32 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 106c Anfangszeit: 01cbe03ecfe37ab4 Zeitpunkt
der Beendigung: 0

Error - 12.03.2011 04:19:46 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.03.2011 10:15:59 | Computer Name = Gamer-Pro-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.03.2011 15:59:28 | Computer Name = Gamer-Pro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung hl.exe, Version 1.1.0.8, Zeitstempel 0x3b9e639b,
fehlerhaftes Modul hl.dll, Version 0.0.0.0, Zeitstempel 0x3ba0e857, Ausnahmecode
0xc0000005, Fehleroffset 0x0001691e, Prozess-ID 0x8d4, Anwendungsstartzeit 01cbe27e3964bd57.

Error - 14.03.2011 16:00:48 | Computer Name = Gamer-Pro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung hl.exe, Version 1.1.0.8, Zeitstempel 0x3b9e639b,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0xcb3b3424, Prozess-ID 0x1154, Anwendungsstartzeit 01cbe28257c98387.

[ Credential Manager Events ]
Error - 03.02.2011 11:26:50 | Computer Name = Gamer-Pro-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Gamer-Pro@Gamer-Pro-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.

Error - 03.02.2011 11:26:50 | Computer Name = Gamer-Pro-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Gamer-Pro@Gamer-Pro-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

Error - 14.02.2011 10:20:11 | Computer Name = Gamer-Pro-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Gamer-Pro@Gamer-Pro-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.

Error - 14.02.2011 10:20:11 | Computer Name = Gamer-Pro-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Gamer-Pro@Gamer-Pro-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

Error - 20.02.2011 17:02:59 | Computer Name = Gamer-Pro-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Gamer-Pro@Gamer-Pro-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

Error - 20.02.2011 17:02:59 | Computer Name = Gamer-Pro-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Gamer-Pro@Gamer-Pro-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.

Error - 24.02.2011 04:57:23 | Computer Name = Gamer-Pro-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Administrator@Gamer-Pro-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.

Error - 24.02.2011 04:57:23 | Computer Name = Gamer-Pro-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Administrator@Gamer-Pro-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host:
localhost Client-Adresse: 127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost

Protokoll:
HTTP

Error - 07.03.2011 15:53:49 | Computer Name = Gamer-Pro-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Gamer-Pro@Gamer-Pro-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.

Error - 07.03.2011 15:53:49 | Computer Name = Gamer-Pro-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Gamer-Pro@Gamer-Pro-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

[ System Events ]
Error - 15.03.2011 11:18:52 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15.03.2011 11:18:52 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15.03.2011 11:20:39 | Computer Name = Gamer-Pro-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 15.03.2011 17:20:45 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15.03.2011 17:20:45 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15.03.2011 17:23:27 | Computer Name = Gamer-Pro-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 15.03.2011 17:35:36 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 16.03.2011 10:13:47 | Computer Name = Gamer-Pro-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 16.03.2011 10:14:20 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16.03.2011 10:14:20 | Computer Name = Gamer-Pro-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Da noch das letzte Stückchen.

Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes.

Weitere gibt es nicht. (Hab´s erst neu auf dem PC meines Sohnes Installiert.)

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Ich habe das Script ausgeführt. Problem besteht weiterhin.
Da war aber noch ein gewisses Textlog... Weißt du vielleicht irgendetwas damit anzufangen? (Und ähm Entschuldigung für die so späte Meldung. Hab viel um die Ohren.)

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

http://saved.im/mtm0nzyzmzd5/cofi.jpg

• Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Es staret. Meldet aber, das AVG vorher abgeschaltet werden solle. (Was komisch ist, da Avast auf dem PC installiert ist.) (Vielleicht einige Registry Keys die im System hängen geblieben sind?)

Oh, AVG bitte vorher deinstallieren.

Ich habe den sogenannten AVG Remover runtergeladen und ausgeführt. Keine änderung bisher.

AVG ist runter? Wenn ja, bitte Windows neu starten, cofi.exe neu runterladen und nochmal probieren.

Boah, das ist ja so ein Mist , das ich ja schon lachen muss XD.

Kann keine Verknüpfung generell kein Programm aufrufen (Wenn schon dann übern Task-Manager.) Combofix hat auch Brav sein Log rausgegeben.
Combofix Logfile:
--- --- ---

Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Das Problem hat sich bereits durch einen weiteren Neustart gelöst (Das Problem mit dem Öffnen von Programmen) der IE9 Spinnt nach wie vor.

Soll ich das Script trotzdessen ausführen?

Ja bitte ausführen.

So, das Problem mit dem Öffnen ist wieder da, was aber wahrscheinlich durch neustart behoben wird. Somit kein Problem - Also :
Hier das Log.
Das Internet Explorer Problem ist immernoch da.

Combofix Logfile:
--- --- ---

Bitte führe mal dieses Tool von Kaspersky aus => http://www.trojaner-board.de/82358-t...entfernen.html

Hier das Log von TDSS Killer.

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

• Doppelklick auf die MBRCheck.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Das Tool braucht nur einige Sekunden.
• Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

GMER wollte nicht also hab ich es weggelassen. OSAM und MBR Check haben ihr Log brav ausgegeben.
OSAM:
OSAM Logfile:
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

MBR:

Diese Einträge bitte mit OSAM deaktivieren und entfernen (delete from storage)

Habs gemacht. Bin aber nicht sicher, ob die einträge jetzt auch weg sind.

OSAM Logfile:
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

Sieht schonmal besser aus. Wie ist es jetzt um deinen Rechner bestellt?

Das Problem mit dem IE9 ist immernoch gleich.

Deinstalliere den IE9 bitte erstmal, dass du wieder den IE8 hast. mach das, teste und berichte.

Ich schreibe hier jetzt gerade, vom IE8. (Läuft also alles einwandfrei.) - Sollte ich nicht vielleicht versuchen, den IE8 zu deinstallieren, und dann den IE9 draufzuspielen?

Warte mit dem IE9 erstmal etwas ab. Die neuste Software ist nicht unbedingt immer die beste.

Naja. - Aber Nicht aktuelle Software ist auch nicht gerade das wahre, was Sicherheitslücken und so betrifft. :lach:

Der IE9 ist gerade ist rausgekommen!!
Und der IE8 wird noch längere Zeit supportet - immerhin ist der IE9 NICHT für WinXP da, und WinXP wird mitsamt IE(8) noch bis 2014 mit Sicherheitspatches versorgt.

Ich sollte wie es scheint nicht wiedersprechen. (Oder Googlen :D) Weil du weißt es scheinbar besser als ich. :pfeiff: - Wiederrum möchte ich mich erstmal auch noch Bedanken da die Performance des PCs (Hoch und Runter Fahren) Extrem gestiegen ist. Vielen Dank! - Ich werde dieses Forum weiterempfehlen. (Ich kenne da bereits einen, der gerade ein recht heftiges Problem mit seinem PC besitzt.) Ihr seid einfach die Besten!

Danke ;)
Warte mit dem IE9 noch etwas ab, ich würde bis Ende April warten. Dann kommen auch die ersten Updates raus und die gröbsten Fehler sollten hoffentlich auch behoben sein :daumenhoc