Mein Pc ist sicherlich Viren versucht.

#0
14.05.2013, 21:32
...neu hier

Beiträge: 4
#1 Hallo liebes Forum-team, leider scheint es so als sei mein PC mal wieder voll mit Malware, Viren und Trojanern. Mein Internet schein gerade bei Games und oder Internetanwendungen extrem langsam zu sein, obwohl ich eine 32k Leitung habe. Außerdem habe ich 2 Prozesse in meinem Taskmanager gefunden die keine genaue Beschreibung haben und sich auch nicht beenden lassen.

Daher brauche ich mal wieder einen komplett Check und eure Hilfe, da was Viren usw. angeht ich immer noch keine Ahnung habe.

Lg Max

So nun hier meine Daten:

Problem besteht seit ca. 4 Tagen.
Virenscanner zeigt nichts habe aber auch nur das blöde Antivir was runter muss. ( Bin über eine Empfehlung eurerseits erfreut.)
Keine Pop ups und naja an meinem System kommen immer neue Programme hinzu.

Hier mein OTL.exe scan:


OTL logfile created on: 14.05.2013 21:13:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maxim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,87 Gb Total Physical Memory | 5,52 Gb Available Physical Memory | 70,18% Memory free
15,73 Gb Paging File | 13,17 Gb Available in Paging File | 83,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 446,65 Gb Free Space | 50,39% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 20,79 Gb Free Space | 81,64% Space Free | Partition Type: NTFS
Drive E: | 4,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 9,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MAXIM-PC | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013.05.14 21:04:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maxim\Desktop\OTL.exe
PRC - [2013.05.06 10:38:27 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.05.06 10:38:26 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.04.03 00:33:43 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.03 00:33:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.15 02:10:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.02.18 22:05:57 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2012.10.24 00:58:52 | 000,120,728 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.27 05:38:11 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2012.05.21 09:26:28 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.02.09 07:40:12 | 001,876,992 | ---- | M] (LENOVO) -- C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe
PRC - [2012.02.08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.08 04:03:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2011.09.02 17:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2012.07.27 05:38:11 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2012.02.23 05:24:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011.06.28 08:28:38 | 000,042,496 | ---- | M] () -- C:\PROGRA~2\Lenovo\LENOVO~3\QTKB.dll
MOD - [2011.06.02 13:58:18 | 000,132,448 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011.06.02 13:57:44 | 000,161,120 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2011.12.23 18:51:22 | 000,120,160 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Windows\SysNative\NSDSvc.exe -- (NSDSvc)
SRV - [2013.05.14 20:07:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.06 10:38:27 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [On_Demand | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.03 00:33:43 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [On_Demand | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.03 00:33:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.15 02:10:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.03.13 19:22:46 | 000,745,880 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013.02.28 19:09:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.18 22:05:57 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2012.11.09 18:46:02 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.24 00:58:52 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.31 00:43:36 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.08 04:03:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.02.08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.02.01 18:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011.12.08 10:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2011.12.08 10:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.12.08 10:43:48 | 000,618,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.12.08 10:43:44 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.02 17:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013.04.03 00:33:45 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.04.03 00:33:45 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.04.03 00:33:45 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.20 14:40:41 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.18 22:05:57 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.11.09 18:46:02 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.10.17 19:13:36 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.10.17 19:11:37 | 000,107,432 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.07.27 14:51:51 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.27 05:42:02 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon



OTL Extras logfile created on: 14.05.2013 21:13:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maxim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,87 Gb Total Physical Memory | 5,52 Gb Available Physical Memory | 70,18% Memory free
15,73 Gb Paging File | 13,17 Gb Available in Paging File | 83,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 446,65 Gb Free Space | 50,39% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 20,79 Gb Free Space | 81,64% Space Free | Partition Type: NTFS
Drive E: | 4,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 9,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MAXIM-PC | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A2E157-A834-422E-AC08-AEB0B9140C3F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{03510762-D16D-48C0-AB36-0A02FF4B2B13}" = lport=445 | protocol=6 | dir=in | app=system |
"{03BB4A1D-96E3-4DF1-9F90-7C892B16AB72}" = rport=138 | protocol=17 | dir=out | app=system |
"{0B0F6338-98E0-4DEC-8392-8CBA3AA2090E}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=%systemroot%\system32\snmptrap.exe |
"{0BF38D97-A4B2-48FC-903F-466A0A8812F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{119848E8-AD4F-4654-8DDA-1E849F12EE75}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1395847E-1FCF-4A8A-9793-FBDAA0E8C52A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{14833DB0-786D-4820-8509-8A5E7EB944EE}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=%systemroot%\system32\svchost.exe |
"{1EC5D33A-E856-4CB3-8BD6-9F755FA0E21B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{224816E9-9646-47DD-804E-15CE5F0DCA82}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{2517EEC7-6693-4B89-A856-D96472068D7D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{294EA19A-8406-43B4-8AA5-CC411057715B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AD3E57D-1305-4CC4-8F7F-BF42EC449DF3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D34EE67-7D04-4D61-BDE7-7FE436A9612D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2EE89CBB-D565-4B8E-9282-B649D088B21E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36014E57-B88D-4844-AEB3-907939AE6BF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{487AC837-1ABA-43FC-8CBB-501FD18CF2B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=datei- und druckerfreigabe (spoolerdienst - rpc-epmap) |
"{4EA66B3E-264F-42FB-ADA2-8C75B0E831A9}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{4EF9424B-4909-4B0C-9EF0-0D8C5D35252E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{509F4BDE-9699-4D01-BC55-83BE13B14C33}" = rport=5358 | protocol=6 | dir=out | app=system |
"{5406DA69-68C4-4DAF-8263-E95A165122C0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{541A1BD1-F99B-4C3E-BB0D-5EF0FF1B56CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55D31198-1089-422A-B541-014B548274D9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60DEDED6-B759-467B-92AE-E2CD2A0C2D90}" = lport=80 | protocol=6 | dir=in | app=system |
"{64DF5B50-C242-4107-B1D1-BC10B227D7F3}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{673066E8-5D55-4179-AE10-A32F866DEFDD}" = lport=1701 | protocol=17 | dir=in | app=system |
"{67539466-20A9-44B6-8859-5B25C46A8FFD}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{68466F4A-8209-4960-BABF-BFCC25E360A1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69AF3574-81A8-4906-A5DD-D63D78595604}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6A3B414D-0378-4351-86FD-B33235FFD178}" = lport=445 | protocol=6 | dir=in | app=system |
"{6B487E50-9821-4922-9CB1-F5104495BB65}" = lport=1723 | protocol=6 | dir=in | app=system |
"{74CCC4A6-4679-41CA-8472-732DB2557179}" = lport=138 | protocol=17 | dir=in | app=system |
"{76B032A5-94C0-4912-B73F-7B71F189CAD4}" = lport=5358 | protocol=6 | dir=in | app=system |
"{76CB291A-DE77-403B-8D74-CB730EDEA26A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{797C2C1C-99B4-4BA7-99C5-3C56CC454D71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7A9604BF-4304-4215-BD3F-07120960E615}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=%systemroot%\system32\svchost.exe |
"{7AE1DEEA-5E62-4712-A9A2-24C696F8DE88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C574F7C-297D-40D4-A3EB-A19C812B1DCF}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{802D1731-E011-4F21-95F8-1B39D435D7BA}" = lport=5985 | protocol=6 | dir=in | app=system |
"{81E16FB8-436E-4932-9014-B775E7EA596D}" = rport=445 | protocol=6 | dir=out | app=system |
"{839D57C7-557E-4986-A17B-F662CF55FDC2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{8575DFF7-ABB1-4EAB-A768-540A7BF3CC72}" = lport=137 | protocol=17 | dir=in | app=system |
"{871A2DBB-531D-4116-853F-4C6AB3EAC1A4}" = lport=445 | protocol=6 | dir=in | app=system |
"{8ED1590A-AF76-49A9-988F-B8960BBE12E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F42C1FF-7A16-4027-B76B-2CE61F99A2D0}" = rport=5357 | protocol=6 | dir=out | app=system |
"{94BF6575-8EA2-4A42-A1B0-4D4EAE7B9BE2}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9B731285-34E6-43C4-85C4-71B2CD2A8A39}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F49AEF3-53D8-4E17-93E7-13A56EF7B425}" = rport=137 | protocol=17 | dir=out | app=system |
"{A1A70A56-714E-4D48-A1A8-A32F040DAC21}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{A1AA0650-2C0C-465C-A364-0059AB18A3BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A4B3260D-BF75-485B-ADE6-2BCB0D1E578A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A99C5F32-02C6-4AD6-A9F9-2BE128BC37D0}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\services.exe |
"{AA3D7864-AAAC-4F8B-91A8-FDDD9C6342B4}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B11B2D4E-208B-432B-A954-C063371CFA0F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{B341C07D-78EC-4636-A5B2-D34A11C3DEE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4A20FF1-4EF8-4FAD-9479-4FBD664B911A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B61F8FE2-2FC2-4794-8D20-50513792E590}" = lport=5357 | protocol=6 | dir=in | app=system |
"{BB7839B0-2297-4C34-B88D-8DCA25B7B233}" = rport=139 | protocol=6 | dir=out | app=system |
"{C17CE652-315B-4AA4-9132-6699423B8B1D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{C1A0B413-67D7-4F56-AB19-BE8ACC9B9BA1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C4C0A3FF-8C08-4348-8FD8-B797B0B33497}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{C863E848-711A-4262-A8B3-5A6E748B8610}" = lport=443 | protocol=6 | dir=in | app=system |
"{C980079B-ED09-4F58-A854-B30E6A28C705}" = rport=1701 | protocol=17 | dir=out | app=system |
"{D31F8E83-59BF-4653-B5E9-E9FFFB07E2E7}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe |
"{D747D2A1-5613-43EC-A6E9-8BB79936281E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{DA602339-34F9-4B2B-882D-71C7FE0831A4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD5CD11A-91F5-4AC3-8AE5-B3FEFF66929B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE2275C7-7D2A-4D57-B5F0-DE18657CBA6B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAA1A5B1-7150-45F0-88BA-AA310449173F}" = rport=1723 | protocol=6 | dir=out | app=system |
"{EB4A243A-8106-44E2-9511-4AA58C7AD6D0}" = lport=10245 | protocol=6 | dir=in | app=system |
"{EC83036D-3D1F-4ADD-8189-1CE059E2B788}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe |
"{ED2E1CC5-D4F6-4B2E-93D0-68204E0AB916}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe |
"{ED950AC9-0679-4BDC-82C9-DD7439160C3B}" = lport=445 | protocol=6 | dir=in | app=system |
"{F449D168-7E0A-45B5-831A-6FA644DECF34}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe |
"{F5609AAE-7718-4E19-86B2-1BE873D4CA89}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{F8FC65F9-66FD-471A-AE55-06A46D0082BD}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{FFEF705A-3C92-4F56-B860-5F0D8F355F29}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02BE28CC-9120-4173-A1A1-E887A569ECEF}" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{034B1F4F-C3CC-4C9C-B448-B0149E117DD9}" = protocol=1 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv4 eingehend) |
"{03D52341-89DB-411D-B0F8-E928878C5CDE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\engine.exe |
"{043A1F39-5FDB-4332-A2ED-6447F1FCF6E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{04F31F25-A275-4464-BD8D-1E5A70C2B422}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{055688EA-7ADE-4F21-B080-32D5E8C1D258}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{070B7C85-B105-4F00-9999-2017C4A6C2A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{07C42267-36B0-4556-A577-1DCC4E7DA261}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{09C251CA-9063-40E2-B549-5AB36A1A2D77}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanet.exe |
"{0A054219-AC62-4257-BC35-646330AA799D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{0AD9845C-B41B-4ABD-9970-3286919F69F8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{0DA4D745-0671-423F-9565-EA26883810C6}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{0E7B8E5B-FB23-4016-B003-D3731DFB6385}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{0EAEA10C-1D7B-41E0-B105-1FFE99346F28}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0FF52489-0147-4AED-AD43-ACB7170C127D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{1115F5C9-8ACB-46CA-8CF0-85DB00C7F650}" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"{1380617C-21EE-446A-89C2-F6236B9FBE3D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\editor.exe |
"{150A7318-4D9D-464C-BE60-0D1DBC9EB3A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes relaunch\reliccoh.exe |
"{1709D39D-2F67-4D2D-9CCD-C8CA5C04417C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18EA0286-F6D2-46C6-A598-3F53A0D265A7}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\world of warcraft launcher.exe |
"{19812186-BA9D-44D0-8FDE-60D2571020A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{1D1B8FB3-1FC3-4F6E-9095-22F7B12C2423}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{1DA69E47-78C3-4141-BBBE-455A8E3F3C2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\engine.exe |
"{1E4E8891-05A7-495F-BEA2-6891979E1C63}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{2059FBE0-7D1B-4E69-85F9-5D8DAE725F29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\config.exe |
"{258E127C-B977-402E-845C-5996CF8B010A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{25DD2404-D3AE-49B0-BE38-BDC2E4A68EB9}" = dir=in | app=c:\users\maxim\documents\the war z\warz.exe |
"{28A81AD9-6DB2-4A95-B167-BCEE1E8B1533}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{29EEEF62-204C-4B11-A662-9FC3B74DDA86}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{2ACA679B-DEBE-4C24-B1AE-95D538D66D8F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{2B57FC27-1B3C-44DC-8E2D-C27B9FA7E6BF}" = protocol=6 | dir=out | app=system |
"{2D7B1B08-DFE4-470E-83BD-B97F5A7CE9D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{328DC926-D505-4A12-8272-1D03576B47D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{32B46601-0471-41E6-AD13-8FC664019BD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{338958D6-D560-45C9-866C-A4192CD48199}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{3C3E57D5-E894-45AD-98F4-0E6EA317A0EC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{3C57CA10-A177-4C3F-9CAF-8CF9B9A8627B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4725B8EA-C449-4DA0-AABC-66ABF566FDCD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{47A8889D-6E77-4B4A-A06F-D2EA33680351}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{47DC181F-6A4D-45A2-8930-A27A44EC145E}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4A794120-7003-434D-8B2E-31DCDB8D7A34}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4BE6934D-0BE3-4A3F-A8AD-8C5AC0F2EE61}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{4C02500A-8D51-4CF6-A131-71805C4890A3}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\world of warcraft launcher.exe |
"{4D1B1BEE-669A-49A4-B228-1891A5BF36F6}" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{4D6B545F-73DB-430B-89E8-B802FA1D9955}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{4D710103-8ADD-4791-AD65-2C07A7340A2C}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{50F5A16E-BC7C-4640-9C8B-CD3440152BA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\leviathan warships\leviathan.exe |
"{51CD597A-51EA-4909-AD8A-D369A91FA82E}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{52EAA6C3-38D1-42E5-95D8-56E63E049528}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53D8C211-79ED-4901-BA7A-733603A5320F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{54DF7FFF-CD79-45AC-A767-3080BE9C5C2D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{57D698DD-34EE-447E-AFFD-3D202138DE65}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{58CD4C4B-F6C1-431A-AD47-479E79D47B08}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{5AC048EF-FCD1-403D-82F5-5B1B8DB00A53}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe |
"{5FAEE950-85A2-420B-A30B-D67B5F3EC82F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\editor.exe |
"{63EFFF0F-8CFC-4AD1-9928-7C71CA522694}" = protocol=58 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv6 ausgehend) |
"{63F7B1B9-84DB-44D9-BB0B-A041C142B67E}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{652B2A00-232D-4FCE-8E3B-0868745F4E3E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{66D3C149-6E6D-4B99-917B-F4D6D3F941A4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6782CA63-29C1-4EBD-8586-FC272813668A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{67A5A820-C16E-4079-B20A-3F3C305D52FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{67AF52A2-82A3-4A95-BA04-771D2D4EE84D}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{6E6FE08D-96FD-4F3A-92AD-2DC6C6CB5324}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{6F29CE98-3E31-4856-ACDE-503937774518}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanet.exe |
"{724889D9-218E-4069-8AA3-B653D0DA7413}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{73026CDB-E782-41E9-B085-DBC92054B2BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7416CAB5-2EB4-4D8C-BA70-EA1C23F9E852}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{74777F33-8F5C-48C7-A179-36AE2678925E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{7808201C-92D3-4D93-8BC1-B15BD2B5F48F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A4D0974-761F-4213-8359-F1C04D51026B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E5FC4F6-A5FA-42A2-87F0-CD4729D2425A}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe |
"{80265B51-4B6F-4CB2-AE31-C50BAA896505}" = protocol=6 | dir=out | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{8247246D-3AF0-4119-83FA-3C87C372DDD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82C8B222-3AFE-4A1C-A200-BE2D59AEE62C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{83D15FFD-B81F-4AC7-943F-3A9BA500EE3F}" = protocol=47 | dir=out | app=system |
"{857C3D32-5AB2-4F65-A77B-3EFA039B3F1B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{877B35A9-4006-48F4-A241-E895F688CBF3}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{884464F7-41D7-4349-962C-395CAFB3EDCA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamspeak 3 client\ts3client_win32.exe |
"{8C3CE1F8-B06F-4F24-ACB3-080A8BE63C2B}" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"{9109EA41-A55E-481F-84B0-729AD7BA9FF1}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{93ACCB73-1AA9-41D7-8F7F-F9FA1E5041BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes relaunch\reliccoh.exe |
"{93F961C4-4860-4740-AB9B-0F88EA7D02B0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{93FA8290-DDC2-4E9D-913D-E4F3065DBEBB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{9581B68B-1AC0-4B16-BB97-BDEECD955860}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{9691E9C9-A876-44E9-B6E3-F57FC779105A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{97053CE3-BEE6-44DB-A09D-DD81A3D57075}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{994CFBE3-D92A-41CF-B609-E01234FC9ED6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{9AA094BC-B0B8-43F6-95A9-EADD77010746}" = protocol=17 | dir=in | app=c:\program files (x86)\teamspeak 3 client\ts3client_win32.exe |
"{9BAC2142-B12F-4070-A84D-40B57BBBAC48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9CF19BAF-2A67-4C1C-8BAD-F96DE8FAE5C7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\godmode\bin\godmode.exe |
"{A12B9C87-7EAE-4595-BFAA-60508D533AE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{A2894D2A-F0B8-4A3D-BFB8-D9C327BF4587}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\ns2.exe |
"{A53BC31F-E03E-4C22-89E1-5B8367D6D133}" = protocol=58 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv6 eingehend) |
"{A75639F4-3F06-4D8F-98CB-FD4F54F75972}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{A89DB367-738C-472E-BE03-42D0D2A0E11C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\real warfare 2 northern crusades\config.exe |
"{A9EA0BFD-6DE8-49D5-9815-6AC0A9746C11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\leviathan warships\leviathan.exe |
"{AC164C63-B956-45C5-A77F-D491B4598D83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\natural selection 2\ns2.exe |
"{ADAA1CF6-C0DC-4E5B-A1AE-E4109345BD6F}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{ADD080DC-4B9B-4797-AB21-3D00F7768B87}" = protocol=6 | dir=in | app=%systemroot%\system32\plasrv.exe |
"{ADE2AD6B-2C1A-498A-BCD8-792E20670A62}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{AFA1C385-5BFF-4FCD-8F2C-358F41F58A7E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{B062D8EC-0DE2-4CC4-A726-D50B17E5ABD8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B0F253C2-6F8A-4D31-9471-4281934FA4E9}" = protocol=47 | dir=in | app=system |
"{B15ECD3B-0C97-4068-B98E-CE8997E61337}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{B1CA1DF2-20C5-485A-8111-8229D93D2632}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B27550BA-D6D6-4F2E-992D-F725DE9B7AF9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{B6D36BFE-5F14-46ED-96BE-A4433E52FABB}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{B78C195A-ACE4-40A4-9F7E-B021D01D4798}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{B8BD4659-877C-4CF6-80FE-AF1DAEA6165E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{B9833643-DFFB-420A-96BA-63D7693A4814}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BC0331E6-3BE3-43C2-969B-F350178F44FE}" = protocol=1 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv4 ausgehend) |
"{BD25135D-0887-4541-B43B-3E984FBFCBA3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BFB0480E-55BA-4313-80CC-F4AFB42D9A87}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{C02EBFE0-88E1-49DB-A596-44FF946AB584}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{C19A1E2B-EC07-4020-838D-94B80C14028C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4D447D3-F5B1-4D40-A5AE-C9B145BBC3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\godmode\bin\godmode.exe |
"{C6DB1708-A7B5-4EDA-990B-D1B99290EB22}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{C82FCB06-0388-4DB1-8465-98DEDEF8532C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{CADF3CC0-13FB-499E-BF4A-52A2BA7D9837}" = protocol=6 | dir=in | app=%systemroot%\system32\wbem\unsecapp.exe |
"{D59E568E-ACD5-4BB8-B087-D0828CC402CD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{DD014245-B127-4B5A-897C-9E0E5AAAC211}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{DD337DF1-6334-4E81-BB66-BD0C874A010E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{DE46AA4D-BFF8-4D34-9366-D32CEB261C9C}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{E149031F-C7FD-4D43-9666-6A901AC2ADA4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{E201B809-7ECC-4869-BD67-6D484A30CA2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{E62FFECA-AF82-4538-89FA-B92C1BB08E95}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{E67FF41A-EE2C-4500-AA3A-8E7999F1545F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{E7F7C146-8D50-422E-AA39-639C9A07F0B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{E8BEB658-6C04-4E70-92FB-B53E829770B4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC27F908-1016-464A-A1CB-329C591EFE5C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{EF2765A8-492F-4AA8-A988-CB3FDE04A018}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{F4533FD6-DDD6-4EAE-8350-F6ED8D4B9FAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F8133437-8DBA-4DE3-8489-B63747886771}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8474142-D01E-4CD0-96A1-B2BF343128C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F902E206-61B5-4AF7-A7F1-01B006A682E0}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{FD4BFCD7-0A34-4A89-A371-13C65866CFDE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{FE8482FC-9BD4-4561-A079-FDF5D9787D57}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"TCP Query User{0E2F1DB5-2B25-48D0-AF3A-037F855B3D7D}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{1513CB71-E536-4FEE-9DD5-BF5A59158F8A}C:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"TCP Query User{23E7689B-9AFA-4FB1-A026-FC740A3AA5EA}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{3B7EB5E3-DD01-479F-A10D-7E4F2D5454D3}C:\users\maxim\downloads\neverwinter_nw.1.20130416a.6.exe" = protocol=6 | dir=in | app=c:\users\maxim\downloads\neverwinter_nw.1.20130416a.6.exe |
"TCP Query User{4B7EFFD3-F924-4DBF-9884-76F791649367}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{55F79EE6-B573-4536-9513-8F7C133DE1F0}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe |
"TCP Query User{6B7EA4C4-1E3F-4072-91CE-3800E2796C63}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{930C8D83-60C4-464B-B137-84CC12D5980C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{9C6A83BA-E3DE-4F80-AC93-065371B4F6D4}C:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"TCP Query User{A945ED63-1397-4D2D-8828-17552B2E60B9}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{AFE862C5-D243-493F-AD80-B37FB9839C76}C:\users\maxim\downloads\nw.1.20130309a.7.exe" = protocol=6 | dir=in | app=c:\users\maxim\downloads\nw.1.20130309a.7.exe |
"TCP Query User{CF240716-9211-44D5-8C93-DE877BC759DD}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{05D3F166-AACE-4A0D-917C-24E63C77DE3A}C:\users\maxim\downloads\neverwinter_nw.1.20130416a.6.exe" = protocol=17 | dir=in | app=c:\users\maxim\downloads\neverwinter_nw.1.20130416a.6.exe |
"UDP Query User{6414C50C-6A66-4D3E-8F37-F0962B97035A}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{65919514-219A-42D1-B0F8-D3F4F32574DA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{86C3F2DC-7081-40B2-9BBF-08CBBF4AA099}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe |
"UDP Query User{9F0466E3-9373-4589-B112-942717A8366B}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{A5AF3A2E-1F81-4D07-8809-0B2EC52A5E39}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{C087B267-D345-4BCA-AEBB-CC0A5EF8FFD2}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{CA49FC5E-DCA0-4988-936E-649962CB2365}C:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"UDP Query User{E7B83D50-1C10-4ECD-BD6E-7D83CBFC7377}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{EEB79EE2-5722-4350-8BA1-B0C230A64539}C:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"UDP Query User{F05ADA53-D813-40A4-B86C-857541EB36E4}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{F2F3A4DA-1626-4474-9EE3-304E58388FAB}C:\users\maxim\downloads\nw.1.20130309a.7.exe" = protocol=17 | dir=in | app=c:\users\maxim\downloads\nw.1.20130309a.7.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{728985C5-A04B-457C-9D62-15360F3EAF85}" = Intel(R) WiDi
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi-Software
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1)
"CCleaner" = CCleaner
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}" = Lenovo MuteSync
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 - Königsedition
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}" = Nsd
"{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69BCC264-0D43-469F-8434-31E738982E7B}" = Cisco AnyConnect Secure Mobility Client
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{81DE15C9-5390-4533-81DF-2DC936C1A40C}" = Motorola Device Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7D739D1-B597-4802-A4CB-E1FBF326C9B0}" = QuickShare
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}" = Intelligent Touchpad
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Empire Earth Gold Edition_is1" = Empire Earth Gold Edition
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 5.0.21.1212
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"hon" = Heroes of Newerth
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"McAfee Security Scan" = McAfee Security Scan Plus
"Neverwinter" = Neverwinter
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Optimizer Pro_is1" = Optimizer Pro v3.0
"Origin" = Origin
"PartyPoker" = PartyPoker
"PunkBusterSvc" = PunkBuster Services
"Security Task Manager" = Security Task Manager 1.8d
"Steam App 113400" = APB Reloaded
"Steam App 202270" = Leviathan: Warships
"Steam App 202860" = Real Warfare 2: Northern Crusades
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 20540" = Company of Heroes: Tales of Valor
"Steam App 208140" = Endless Space
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 227480" = God Mode
"Steam App 228200" = Company of Heroes (New Steam Version)
"Steam App 233070" = TrackMania² Stadium Open Beta
"Steam App 25800" = Europa Universalis III
"Steam App 32800" = The Lord of the Rings: War in the North
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 48240" = Anno 2070
"Steam App 48700" = Mount & Blade: Warband
"Steam App 4920" = Natural Selection 2
"Steam App 570" = Dota 2
"Steam App 65800" = Dungeon Defenders
"Steam App 7940" = Call of Duty 4: Modern Warfare
"SugarSync" = SugarSync Manager
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tunngle beta_is1" = Tunngle beta
"VeriFace" = VeriFace
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"World of Warcraft" = World of Warcraft

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CT2625848" = DVDVideoSoftTB DE Toolbar

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---Get Poicy Open key suc failed with 0, The
Code is:0x422.).

Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---query POLICYVT key success failed with 0,
The Code is:0x424.).

Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---Get Poicy Open key suc failed with 0, The
Code is:0x422.).

Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---query POLICYVT key success failed with 0,
The Code is:0x424.).

Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---Get Poicy Open key suc failed with 0, The
Code is:0x422.).

Error - 25.04.2013 05:02:12 | Computer Name = Maxim-PC | Source = NSDSvc | ID = 131328
Description = An error has occurred (---query POLICYVT key success failed with 0,
The Code is:0x424.).

Error - 26.04.2013 05:24:05 | Computer Name = Maxim-PC | Source = MsiInstaller | ID = 11609
Description =

Error - 28.04.2013 10:08:58 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WLXPhotoGallery.exe, Version: 15.4.3508.1109,
Zeitstempel: 0x4cda70dd Name des fehlerhaften Moduls: ts3overlay_hook_win32.dll,
Version: 3.7.16.0, Zeitstempel: 0x5123398b Ausnahmecode: 0xc0000005 Fehleroffset:
0x00014ad6 ID des fehlerhaften Prozesses: 0x128c Startzeit der fehlerhaften Anwendung:
0x01ce4419e8091698 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Windows
Live\Photo Gallery\WLXPhotoGallery.exe Pfad des fehlerhaften Moduls: C:\Program
Files (x86)\TeamSpeak 3 Client\plugins\ts3overlay\ts3overlay_hook_win32.dll Berichtskennung:
2af61171-b00d-11e2-a6bc-446d57bedc7d

Error - 30.04.2013 18:36:29 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RelicCOH.exe, Version: 2.602.0.199,
Zeitstempel: 0x4db843f0 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0x1284 Startzeit der fehlerhaften Anwendung: 0x01ce45ea67d6d1db Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Company of
Heroes\RelicCOH.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung:
661627bf-b1e6-11e2-a6bc-446d57bedc7d

Error - 09.05.2013 07:13:32 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Leviathan.exe, Version: 3.5.7.45015,
Zeitstempel: 0x50c7795d Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x1ba1b3c7 ID des fehlerhaften
Prozesses: 0x1080 Startzeit der fehlerhaften Anwendung: 0x01ce4c997a508354 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Leviathan
Warships\Leviathan.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 7b792ed9-b899-11e2-a6bc-446d57bedc7d

Error - 14.05.2013 15:13:23 | Computer Name = Maxim-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a98 Startzeit:
01ce50d6dc9f58cf Endzeit: 0 Anwendungspfad: C:\Users\Maxim\Downloads\OTL.exe Berichts-ID:
4bf589b1-bcca-11e2-a6bc-446d57bedc7d

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 14.05.2013 15:01:46 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 14.05.2013 15:01:46 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
225 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 14.05.2013 15:02:06 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1509 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391706
(0xFE210026) Description: CERTIFICATE_ERROR_VERIFY_POLICY_FAILED:Certificate failed
a policy check server name: vpn-unidsl.rwth-aachen.de

Error - 14.05.2013 15:02:08 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588307
(0xFE1E002D) Description: SOCKETTRANSPORT_ERROR_CONNECT_CANCELED:An asynchronous
connection has been canceled during its initiation.

Error - 14.05.2013 15:02:08 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target

Error - 14.05.2013 15:02:08 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 14.05.2013 15:02:38 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1509 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391706
(0xFE210026) Description: CERTIFICATE_ERROR_VERIFY_POLICY_FAILED:Certificate failed
a policy check server name: vpn-unidsl.rwth-aachen.de

Error - 14.05.2013 15:02:40 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588307
(0xFE1E002D) Description: SOCKETTRANSPORT_ERROR_CONNECT_CANCELED:An asynchronous
connection has been canceled during its initiation.

Error - 14.05.2013 15:02:40 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target

Error - 14.05.2013 15:02:40 | Computer Name = Maxim-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

[ System Events ]
Error - 19.04.2013 05:04:51 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Application Virtualization Service Agent" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2

Error - 19.04.2013 05:04:51 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Application Virtualization Client" ist vom Dienst "Application
Virtualization Service Agent" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%2

Error - 21.04.2013 12:09:45 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Application Virtualization Service Agent" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2

Error - 21.04.2013 12:09:45 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Application Virtualization Client" ist vom Dienst "Application
Virtualization Service Agent" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%2

Error - 21.04.2013 12:09:45 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application
Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1068

Error - 21.04.2013 12:10:05 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).

Error - 21.04.2013 12:10:05 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069

Error - 21.04.2013 12:10:21 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers
fehlgeschlagen: %%5

Error - 21.04.2013 12:10:21 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers
fehlgeschlagen: %%5

Error - 21.04.2013 12:16:26 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.


< End of report >
Dieser Beitrag wurde am 14.05.2013 um 21:38 Uhr von powermax89 editiert.
Seitenanfang Seitenende
15.05.2013, 20:04
...neu hier

Themenstarter

Beiträge: 4
#2 Kann mir niemand helfen? Schade, hatte eig. hier immer gute Erfahrungen gemacht, aber hier scheint wohl niemand mit ausreichend Wissen vorhanden.

Lg
Seitenanfang Seitenende
15.05.2013, 20:08
Member
Avatar Gool

Beiträge: 4730
#3 Also, ich kann da beim besten Willen keine Anzeichen für eine Infektion finden. Das Problem würde ich an anderer Stelle suchen...

Wie bist Du mit dem Router verbunden? WLAN oder mit Netzwerkkabel? Hast Du den Router mal neu gestartet? Ist es ausgeschlossen, dass Dein Internet-Anbieter momentan Probleme hat? Hast Du die Möglichkeit, den Internetanschluss noch mit einem anderen PC zu testen?

Das Log zeigt leider die Windows-Version nicht an. Ich gehe davon aus, dass Du Windows 7 mit Servicepack 1 hast (wegen der im Log angezeigten Build-Nummer 6.1.7601).

Dann noch ganz allgemein ein paar Tipps zur installierten Software:

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

Veraltet und somit ein Sicherheitsproblem. Wenn Du Java nicht wirklich benötigst (bspw. um Minecraft zu spielen), dann deinstalliere es. Ansonsten updaten!

Das ganze Windows Live Zeugs - da sind ein paar möglicherweise nützliche Sachen dabei, aber ein paar Sachen wie den Messenger (der ist von Microsoft sowieso abgeschaltet worden) und die Kindersicherung wirst Du nicht benötigen.

"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner

Sinnlos. Solltest Du deinstallieren.

"Avira AntiVir Desktop" = Avira Free Antivirus

Würde ich gegen einen besseren Virenscanner austauschen. Bspw. gegen die kostenlosen Microsoft Security Essentials. Außerdem habe ich noch irgendwas von AVG in dem Log gesehen. Hattest Du irgendwann mal AVG auf dem Rechner drauf?

"DAEMON Tools Lite" = DAEMON Tools Lite

Würde ich deinstallieren oder deaktivieren, wenn es nicht benötigt wird.

"McAfee Security Scan" = McAfee Security Scan Plus

Müll! Deinstallieren!

"Optimizer Pro_is1" = Optimizer Pro v3.0

Das könnte eine Scareware sein. Das auf jeden Fall deinstallieren! Notfalls müsste man sich darum nochmal explizit kümmern, wenn es sich nicht deinstallieren lässt.
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
15.05.2013, 22:09
Member
Avatar Xeper

Beiträge: 5285
#4

Zitat

Kann mir niemand helfen? Schade, hatte eig. hier immer gute Erfahrungen gemacht, aber hier scheint wohl niemand mit ausreichend Wissen vorhanden.

Lg
... oder niemand der genug Zeit für sowas hat!
__________
Email/XMPP: therion at ninth-art dot de
IRC: megatherion @ Freenode
Seitenanfang Seitenende
16.05.2013, 11:52
Member
Avatar Gool

Beiträge: 4730
#5 Reg Dich nicht auf, Xeper. Manche Leute sind halt ungeduldig und dies ist doch ein Standardvorwurf, wenn's nicht schnell genug geht. Man möchte die kostenlose Hilfe gerne sofort haben, weil man zu geizig ist, sich kostenpflichtige Hilfe zu holen.

Und von jemandem zu hören, dass man keine Ahnung habe, obwohl bei der Person, die diesen Vorwurf bringt, ganz offensichtlich keine Ahnung vorhanden ist (sonst hätte sie sich ja nicht hilfesuchend an einen gewandt), ist zwar erbärmlich, aber leider ziemlich normal. Das habe ich beruflich schon so oft erlebt...
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
16.05.2013, 12:18
Member
Avatar Xeper

Beiträge: 5285
#6

Zitat

Reg Dich nicht auf, Xeper. Manche Leute sind halt ungeduldig und dies ist doch ein Standardvorwurf, wenn's nicht schnell genug geht. Man möchte die kostenlose Hilfe gerne sofort haben, weil man zu geizig ist, sich kostenpflichtige Hilfe zu holen.
Ach hab mich nicht aufgeregt, auch wenn das Ausrufezeichen dies suggeriert -
wollte nur klar stellen das ich diese Art der Auffassung nicht unterstütze. ;)

@powermax89
Wie Gool festgestellt hat, vermutlich liegt dein Problem woanders.
Außer das dein OS ein Haufen Müll SW mit sich rumschleppt, aber das ist bei fast jedem 0-8-15 Normalverbraucher so.
Diese End-Kunden Kisten werden ja im Grunde schon mit soviel Müll im Werkszustand ausgeliefert.

Du könntest uns ja noch die 2 Prozesse nennen die dir soviel Sorgen machen,
oder mehr über die Beschaffenheit deines Internetzugangs/LAN berichten (Viele PCs?, WLAN oder nicht?, Router?).
Definitiv solltest du dir einen kostenpflichtigen AV besorgen...
__________
Email/XMPP: therion at ninth-art dot de
IRC: megatherion @ Freenode
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: