ChatZum taucht in chrome und Internet Explorer immer als Startseite auf.

blatant · 08.04.2013, 19:23

Hallo,

Wie bereits in der Überschrift erwähnt taucht seit gewisser Zeit auf der Startseite all meiner Browser ChatZum auf. Ich habe dieses Problem gegoogelt und habe herausgefunden, dass solche Probleme meistens mit Viren zusammenhängen. Ich bin mir nicht sicher, aber ich glaube, dass ich mir das Problem bei der Installation einer neulich gedownloadeten Software eingehandelt habe (Adventurecraft). Ich habe versucht in den Suchmaschineneinstellungen diese zu löschen. Aber da wo normalerweise das Kreuz sein müsste ist leider nichts gewesen. Ich hoffe man kann mir helfen, und dass es nchts weiter als eine Einstellungssache ist.
Danke im Vorraus!

cosinus · 08.04.2013, 21:55

Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

blatant · 10.04.2013, 16:13

Hi. Ich habe den Scan durchlaufen lassen und habe jetzt die beiden Logs:

OTL.txt:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 10.04.2013 17:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Timo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 39,12% Memory free
7,99 Gb Paging File | 4,73 Gb Available in Paging File | 59,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 37,85 Gb Free Space | 19,39% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 271,40 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 786,79 Gb Free Space | 84,46% Space Free | Partition Type: NTFS
 
Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
PRC - H:\steam2\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\EslWire\inGame32.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Programme\Plantronics\GameCom780\GameCom780.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe ()
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Windows\PixArt\PAP7501\PACTray.exe (PixArt Imaging Incorporation)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - H:\steam2\bin\chromehtml.dll ()
MOD - H:\steam2\bin\libcef.dll ()
MOD - H:\steam2\SDL2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll ()
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Programme\EslWire\NocIPC32.dll ()
MOD - C:\Programme\EslWire\inGame32.exe ()
MOD - C:\Programme\EslWire\inGame32.dll ()
MOD - H:\steam2\bin\avcodec-53.dll ()
MOD - H:\steam2\bin\avformat-53.dll ()
MOD - H:\steam2\bin\avutil-51.dll ()
MOD - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.11_0\plugins\npZakoSolutions.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Plantronics\GameCom780\VMixPLGC.dll ()
MOD - C:\Programme\Plantronics\GameCom780\GameCom780.exe ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\DAODx.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (EslWireHelper) -- C:\Programme\EslWire\service\WireHelperSvc.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (DevoloNetworkService) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe ()
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe ()
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dump_wmimmc) -- C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys File not found
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (GUCI_AVS) -- C:\Windows\SysNative\drivers\GUCI_AVS.sys (PixArt Imaging Incorporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (NPF_devolo) -- C:\Windows\SysWOW64\drivers\npf_devolo.sys (CACE Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/?orig=HP&affid=62&cztbid=367792749
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/?orig=HP&affid=62&cztbid=367792749
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_deDE417
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
IE - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\..\SearchScopes,DefaultScope = 
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.25 10:39:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.02.17 20:48:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.02.17 20:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.02.17 20:48:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.02.17 20:48:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.02.17 20:48:17 | 000,000,000 | ---D | M]
 
[2013.02.16 23:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\plugin/content_blocker_npapi.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: New Tab = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.3_0\
CHR - Extension: HTTPS Everywhere = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.3.7_0\
CHR - Extension: AdBlock = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: ChatZum.com -  Easy Pictures zoom. = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.11_0\
CHR - Extension: Skype Click to Call = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: Ghostery = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Anti-Banner = C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
 
O1 HOSTS File: ([2013.02.17 22:06:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Runtime) - {279384DD-3D1B-4086-8679-AA5EC7268BE1} - C:\Users\Timo\AppData\Roaming\JavaRun\IE\JavaRun.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Programme\Plantronics\GameCom780\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PACTray] C:\Windows\PixArt\PAP7501\PACTray.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000..\Run: [Akamai NetSession Interface] "C:\Users\Timo\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000..\Run: [Steam] H:\steam2\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O7 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-21-3772474302-332197646-2498302637-1004\..Trusted Domains: sony.com ([]* in )
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D7181A0-39E5-445E-AAAD-3647C489EF4A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.09 18:52:09 | 000,000,000 | ---D | C] -- C:\Users\Timo\Desktop\minecraft
[2013.04.08 21:59:44 | 000,000,000 | ---D | C] -- C:\Users\Timo\Desktop\adventure maps
[2013.04.08 19:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChatZum Toolbar
[2013.03.24 17:13:59 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinBoard 4.7.0
[2013.03.24 17:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinBoard 4.7.0
[2013.03.24 17:13:55 | 000,000,000 | ---D | C] -- C:\WinBoard-4.7.0
[2013.03.14 21:18:26 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\ChessBase
[2013.03.14 21:18:20 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\ChessBase
[2013.03.14 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Fritz und Fertig
[2013.03.14 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ChessBase
[2013.03.14 21:09:01 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
[2013.03.14 21:08:59 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\ChessBase
[2013.03.14 21:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChessBase
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.10 16:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.10 16:40:02 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.10 16:21:07 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.10 16:21:07 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.10 16:19:21 | 001,790,288 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.10 16:19:21 | 000,767,432 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.10 16:19:21 | 000,710,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.10 16:19:21 | 000,172,906 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.10 16:19:21 | 000,141,010 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.10 16:15:11 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.10 16:13:26 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.04.10 16:13:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.10 16:13:04 | 3219,791,872 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.07 22:01:30 | 000,002,247 | ---- | M] () -- C:\Users\Timo\Desktop\Google Chrome.lnk
[2013.03.25 19:32:18 | 443,686,099 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.25 19:16:56 | 000,312,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.24 17:33:23 | 000,015,196 | ---- | M] () -- C:\Users\Timo\AppData\Roaming\winboard47.ini
[2013.03.14 21:09:01 | 000,002,109 | ---- | M] () -- C:\Users\Timo\Desktop\PlayChess.lnk
[2013.03.13 15:58:02 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 15:58:02 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013.04.07 22:01:30 | 000,002,247 | ---- | C] () -- C:\Users\Timo\Desktop\Google Chrome.lnk
[2013.03.24 17:24:56 | 000,015,196 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\winboard47.ini
[2013.03.14 21:09:01 | 000,002,109 | ---- | C] () -- C:\Users\Timo\Desktop\PlayChess.lnk
[2012.12.26 19:36:46 | 000,000,402 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2012.12.26 19:36:37 | 000,000,534 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2012.12.26 19:36:36 | 000,003,489 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2012.10.20 20:44:25 | 000,007,602 | ---- | C] () -- C:\Users\Timo\AppData\Local\Resmon.ResmonCfg
[2012.05.27 16:10:27 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.02.24 15:04:42 | 000,017,408 | ---- | C] () -- C:\Users\Timo\AppData\Local\WebpageIcons.db
[2011.11.24 23:29:50 | 000,594,843 | ---- | C] () -- C:\Users\Timo\{1A8140AD-3D01-7C98-D764-55146F5D4AE5}-HBLiteSA.exe
[2011.10.31 12:29:14 | 000,000,669 | ---- | C] () -- C:\Users\Timo\Timo - Verknüpfung.lnk
[2011.10.06 20:13:36 | 000,443,392 | ---- | C] () -- C:\Windows\SysWow64\wlsppc.dll
[2011.09.29 21:27:43 | 000,000,447 | ---- | C] () -- C:\Windows\PLTGC.ini
[2011.09.17 12:03:16 | 000,024,561 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\UserTile.png
[2011.06.08 13:33:57 | 000,002,157 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini
[2011.04.20 10:06:51 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.03.13 17:22:23 | 000,005,120 | ---- | C] () -- C:\Users\Timo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.06 00:53:25 | 000,000,135 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.07 15:38:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

--- --- ---

und einmal das Extra.txt:OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 10.04.2013 17:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Timo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 39,12% Memory free
7,99 Gb Paging File | 4,73 Gb Available in Paging File | 59,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 37,85 Gb Free Space | 19,39% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 271,40 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 786,79 Gb Free Space | 84,46% Space Free | Partition Type: NTFS
 
Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0004D1D4-7C1D-439A-9AC2-73BADBF4BABE}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{02EC4184-1D8D-4721-B107-84BCEED9E38D}" = lport=6883 | protocol=17 | dir=in | name=league of legends launcher | 
"{0F9C5222-A2CB-45CE-A81A-6F347A4AC8C3}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{101716D3-F6E2-4451-ACDB-AC6F538A4D96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{13AD776D-FF48-407E-9BCB-16A2B0811D41}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{1A3A62F1-75BE-4E40-8D0B-D874DEB4DD3F}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{1BF2F4DD-D86A-4B66-B947-C41EA1857679}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{1D494022-49A7-43D9-90C9-8B07562F5726}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1D6AE5F7-FBF6-487B-8FBB-8B36032E715C}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{1DB4B824-1C3E-4CFC-84FA-83675FD0B896}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{211E6D07-3E65-4F57-9CA6-1EB2A808D35A}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{269A2751-ABC6-4F73-9F3F-1571FF843172}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{3389899B-924D-4462-AB99-9840098CB0F1}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{39EE4BF7-CEC0-4544-ACA4-E2CCD2EE00CC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{402BD922-BCD0-432B-9457-54D7674073DF}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{403C6378-3526-421C-9A58-87985E6C5F36}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{42F97396-329F-4396-9BB5-7B4D336FA343}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4356454A-562F-489C-9B94-9EB6F5F6E802}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4A77A798-8E0B-49C9-9032-E0BBC70C65B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4F0E567E-10F9-4817-8A5F-01D2915D92DE}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{4F913FBF-70E4-438B-8798-55D6E03E5844}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{55C15EF0-B7C4-40D9-AB55-CEC1524261AE}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{565302E7-50B5-47A0-B958-78C962BC6B4A}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{5BB57A53-C30D-4A42-950F-072CC8E36515}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5E671F99-7A67-44E5-92B7-47DEB0043494}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{5EE1EE5F-F15C-47A2-B1D8-B9345E570AD9}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5FC4901E-3E89-43E3-9447-48328B157119}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface | 
"{6AF57DE6-BEB0-404C-ABCF-4FF9ADF10766}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6B4162F7-9FDA-4756-B403-C51CCCBD6102}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{6EAB66C3-9236-4B86-BF37-C95E56AC9B2A}" = lport=6883 | protocol=6 | dir=in | name=league of legends launcher | 
"{72EC5A5F-1734-49BC-9A5C-339D864413CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73468179-96AC-4FE4-8529-80DFF9EDF8CB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{77A83711-2A5F-4881-8612-0AE6DD66A55B}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher | 
"{828AE39E-73B1-45D9-BA00-F13AECE909EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{844BE3CC-131E-4390-BACD-DDA785B1277C}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{85BE460C-EE1D-4E63-AF47-85EA91191709}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{8D2E9C12-417E-4803-8848-33A742E568BB}" = lport=6891 | protocol=17 | dir=in | name=league of legends launcher | 
"{8DA38AB9-C7FF-4E1E-B320-108ED6F72F06}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{8F72FE1E-C1B0-4D63-AF84-C48D656EE208}" = rport=139 | protocol=6 | dir=out | app=system | 
"{92276009-1EDC-4208-9625-312EF3106E70}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{94490359-077B-45D2-93CB-1FC0FFDAF1CE}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{99E15819-2E57-44E2-91BD-FD422B13431C}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{9F8FCA73-C74A-4B77-B807-4F64634658C9}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{A70200DA-CBDC-4D01-9EA9-FE26692B2254}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{A723A777-6730-4EC7-A270-476F0A337794}" = lport=138 | protocol=17 | dir=in | app=system | 
"{A9DA389D-E390-4D60-9A52-A2ACAC0A14CC}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{AB4E21BE-ADC7-4084-8972-88AEB87227F7}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{B81A208B-7E52-4C40-B6A5-9F98CC77A777}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BCBF06F4-3B83-4345-90E9-31E97D4819DD}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{C19FA696-06B4-4E67-AE79-B739B552CAE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C247F239-EE02-4BE9-9DDD-3ED2F4238D53}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C29E5065-C628-43CC-9BA6-D5787355FB1C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C60F6142-3146-4DAD-A7FA-B0A827356E1C}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{CB53453D-9A69-42EC-8A73-E3F5477AEA4D}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{D0050D77-1CDD-44DC-887A-E76CDC913423}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{D0B29A25-9ED4-4AA8-9813-79B3A627ADCF}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{D51EF82A-AC47-4379-8256-02FB222E137D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D93A9DD6-DBAA-42ED-980F-B23D45275136}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{DA59523C-DE3E-4158-9B17-34530DF699C6}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{DE1DC2E5-7BD5-4B96-8C30-5D1EB9554553}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher | 
"{DE517CF6-DC49-4A66-85B1-BCD40511EF22}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E0EEA43C-9E6E-46B1-9856-EA03C55ED970}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E7251563-B0BE-4380-B774-2F7A90CBC080}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E88827D8-A6DE-4645-A31C-12308E3CBE01}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{E88A4404-0D01-4DA1-A840-4E57B9F8D157}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EA5DDB95-A75F-4C61-9356-528B7AED3AA9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{EC937532-23CB-40C8-ADD3-ED4596CBC9D4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{EE7D1491-1032-433A-B1FD-2640F5EB648D}" = lport=6891 | protocol=6 | dir=in | name=league of legends launcher | 
"{F05CB8C4-DC42-4E06-AC72-420F5F933059}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{F19AA354-9BDA-49FB-9B77-DA79D05A311D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F2E703D7-CB72-42E9-A4D1-7B555225AD87}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F5B52E19-E1D4-43EE-9D81-0824B9BF153D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FB4C8005-FA4B-4084-A149-9CE1BD7CB5D8}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{FD98167C-5751-4784-AD3C-16F5E9BDCB4D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002E230E-9F97-41FF-B43B-9D7CB5EC0C79}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{01BD3913-61EF-4E58-8E44-585B6641DA6E}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"{02C11D7E-C21B-4003-98C8-31DDF7DBA874}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{07623436-2967-4A9C-9353-860640B4D2C8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | 
"{092655B3-5159-4DD2-ABA9-5776845783FF}" = protocol=17 | dir=in | app=d:\game\league of legends.exe | 
"{0C3694CD-3F02-40F0-818C-8A3D22C8CA28}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{0F9DC20A-BCCE-48EA-A3C6-11C05573539B}" = protocol=6 | dir=in | app=h:\farcry 3\bin\farcry3.exe | 
"{12FDC3AD-E32E-41CE-8260-D1802C24D03F}" = protocol=6 | dir=in | app=h:\farcry 3\bin\fc3updater.exe | 
"{16BBEC4E-B174-4E8A-BB3E-DCB81EA55CEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{1A93A7E6-B7D9-4063-BEE1-1147BC45B6C2}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{1B40CE28-F164-419A-93A5-1884FD309BD6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1BC10F23-CB84-4D6D-B005-67DEEE8262A1}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{1C3905D5-B65A-49B1-B5E9-3578BF4814BF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"{1D5A4EC0-3125-4F15-8848-110E00BDD09C}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{1E4CA50A-7488-4CBC-9589-24C33785A288}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1F8539C1-3EB1-4FD3-B335-311EA68B285B}" = protocol=17 | dir=in | app=h:\farcry 3\bin\fc3updater.exe | 
"{2073E85E-564B-4BB6-AB22-2D9B80B4AD2B}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | 
"{239AFFEB-533B-430A-9C12-A1B220F861D9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{240CF614-990A-42E4-B9F6-D3C0C52961B0}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{2794F90A-8322-4052-8B05-052E417BE332}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe | 
"{29F85232-5526-4552-AFB6-D82EC03BD7F2}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwawmp.exe | 
"{2BC269E3-6B05-4879-9974-D56B9C6E8945}" = protocol=6 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"{3467D89E-6D70-4673-B456-6ABC0F9FEC2E}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{37E331AA-41B9-4B22-9665-56B87813C7E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{3850207B-5D78-4760-A259-F1651DBCC476}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3.exe | 
"{39ACF639-8871-43DB-8BB2-61DBE6AEC45D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe | 
"{3B789C75-8743-444D-BA36-9CBF5A5988BC}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe | 
"{3E7DF919-47C4-4749-9646-2EC06934F484}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwaw.exe | 
"{40769E4C-B275-4877-ADF1-0B95F176A77C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\thestriker1997\counter-strike source\hl2.exe | 
"{40D0165B-1D2D-4692-8F03-E080524B471D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{476972F8-E735-468F-9B6A-85E945F02E89}" = protocol=17 | dir=in | app=h:\farcry 3\bin\fc3editor.exe | 
"{4B5586F1-2E50-4F4A-B24C-D5B7915760C4}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{51091CD5-985E-4F08-A5F4-93280E5D6721}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3.exe | 
"{524C8A17-EA50-44A8-B75C-34720B05F352}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | 
"{530EDF21-4F2D-4BF1-BAAD-CBFB09762E58}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{539634BA-D093-4D41-94FF-858AEEFCC8F4}" = protocol=17 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"{544552D9-32E0-400D-985C-7F38E088D587}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{5619D2D6-C260-4D69-B237-0C7E0280E5AE}" = protocol=6 | dir=out | app=system | 
"{578C7233-C89F-4CE1-88BA-FCD39C490B50}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3mp.exe | 
"{58A6CA9B-8C0B-456E-BA99-3D1E1E73BC1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{59450657-8A12-4DE9-8D77-A4E41EC288F1}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\dota 2 beta\dota.exe | 
"{5A3FE028-00DA-43F6-BBE1-A5F179C482F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{5A4931F4-4AC5-413C-8AC6-A1ACE0EA3249}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{5A537A8E-EE75-4175-920A-39FFB9DC9A0F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5C246CE8-C4BD-4637-BDD6-E2710ECF3B3E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5C947677-9EEB-4233-BF3D-40ACC2F93C17}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\the binding of isaac\isaac.exe | 
"{5E2A7ED8-3513-4E51-9F25-82C857B7862E}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{5E3D637B-38B6-4495-8BF8-E022C59DCBB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F4D6E9B-FB63-42B7-8CF1-A5838B4455AC}" = dir=in | app=c:\brickforce\brickforce.exe | 
"{5F9B5734-1B54-4F05-AA07-11AC18E4DAE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{60191E94-D868-4C9B-B7CF-9BE9B5FB2E57}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{6072C6E7-EFCD-43F6-B8BD-93A152B9D2F9}" = protocol=6 | dir=in | app=h:\farcry 3\bin\fc3editor.exe | 
"{60838268-C4D3-4B60-B87B-93986FA7804D}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3sp.exe | 
"{61D4B963-B7B2-41A1-8874-8B9B975F0871}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{62FDF750-73E8-4E49-B0C7-7A225853FB49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{63F58072-2D93-468F-977C-AD6530977BA2}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwaw.exe | 
"{64554E4A-52C6-4A7E-AB00-BF9C0E26798B}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{64825BEB-FE3A-4DDC-A945-237E197E400E}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe | 
"{6567E03E-48D3-4089-8646-7CD453C7740C}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{6806AC9E-3948-4E37-98AE-DB50FA96D155}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\portal 2\portal2.exe | 
"{68EAF1DC-C73C-4E99-AC3F-00E1586B4BAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6967B7B3-678D-4A4E-BA78-B5B139E484F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe | 
"{6B8ED52B-4256-40F9-A1F7-94EE0F00CCF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6FF930D1-5AAB-4E6E-9DB7-260E7DE57826}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe | 
"{71DEFA50-3FD9-42D5-A14C-94D13D92BD6A}" = protocol=17 | dir=in | app=h:\farcry 3\bin\farcry3_d3d11.exe | 
"{72807F1E-C848-451F-819A-066C6A41DB38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{745C4D71-5E2D-4F1D-B0F2-A2BE46483F07}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3y.exe | 
"{76627BB7-1506-4569-9C31-86B0A23A32EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{774D9322-BA59-43E6-A77A-4F65569FB87A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{78800C86-7CB9-4628-A0FC-BF512C6FC699}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{7BFC45E7-ACFD-46DB-93AB-C5F68AC6A7F3}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{7D3F0EB3-6AC6-4030-9D46-04873452CF52}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe | 
"{7E6B2EA6-C78F-4717-B431-D62399EE3CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{7EB06DF8-7DA9-479B-91A0-4D95814D1DF0}" = protocol=6 | dir=in | app=d:\game\league of legends.exe | 
"{810DAC34-8984-4E2A-95B1-FF2DA105DBDE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{820C40BD-A7CB-45D8-A92B-1E1BA02F42AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\thestriker1997\counter-strike source\hl2.exe | 
"{82D840D7-2F80-4242-A32D-7FEFE4A068BD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{848CE9FB-8D98-43D1-8C5B-52301B3D7419}" = dir=in | app=c:\brickforce\bflauncher.exe | 
"{8A2AF7E2-D715-4E09-9DA1-DCBEF95EC1FF}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{8A39F2FF-3672-4DA8-8EEB-D7A0851DB953}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3mp.exe | 
"{8A913AEA-6D91-4023-A793-E1F1A110B3D9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | 
"{8F10CF53-3C3E-4343-8359-83A82901E42B}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{90F2E75B-6045-45D3-A3FA-966266CB6AC2}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{9115D582-F1CF-4C45-9064-F07DC80CB3AF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{93E7B15A-43B0-4CE4-B96A-DD93FA033E6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{95AA44A8-33B0-4106-AFDE-78DD2ECBFCA2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{98F792E9-3199-45F4-94A9-4D5531D02B98}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{99987E01-C4AD-43DC-9E49-9A56EAD6D855}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\skyrim\skyrimlauncher.exe | 
"{9B657894-5C5D-4CE8-9DF2-E10935BF9695}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\magicka\magicka.exe | 
"{9E7847A7-8949-4B26-B639-28C45EA2EFB5}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwawmp.exe | 
"{A2FF97BA-347F-4EED-AE8E-EE2BDDE9DF9B}" = dir=in | app=c:\program files\eslwire\wire.exe | 
"{A3ADDEC6-1451-4C35-AC28-D492B30100E6}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | 
"{A448823B-8A3E-4EE2-ACAD-323B97D72C58}" = protocol=6 | dir=in | app=h:\steam2\steam.exe | 
"{A81EAA5B-D076-4167-A58A-B4CC2BD0497E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A9C76F8A-75D5-41B3-B4B4-82917A9D8585}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3x.exe | 
"{AAD5EB6A-0623-4A83-8328-EE9CAE168CA5}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\dota 2 beta\dota.exe | 
"{AF0D3397-EFB9-4FF8-AAB7-1D6E8A7D7BBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{AF73930B-7E78-4676-B403-37B0248C2999}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\dustforce\dustforce.exe | 
"{B0778CE6-72C8-4563-A330-9A191F841D32}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B0951123-08EB-4E92-8051-EDBC98C8FEB9}" = protocol=17 | dir=in | app=d:\air\lolclient.exe | 
"{B12E7812-F963-4967-8079-35F5D5C94E18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{B13FE5B1-9989-425B-8C8F-A880E2EFCFCF}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3y.exe | 
"{B1F5F16C-ECC9-44F2-959C-729B9589A323}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe | 
"{B4EB7B6A-C576-4946-BB4B-B2AEE6B62233}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{B5608B40-8832-44F0-9855-D510A4C9147C}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe | 
"{B63E5109-3F9B-443D-8EBD-58CE45533CC9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B88E59D7-AAFA-4947-BD42-1291706814A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B8A3276B-CA35-4276-831A-CC840E025FDA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{B971EA51-DE09-4CB2-BACF-CB8697573B2A}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3x.exe | 
"{BC617229-D0DC-4D65-85F9-5E5B16B2FEFD}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\portal 2\portal2.exe | 
"{BD57D1FA-3583-4F5A-95B3-5605A3A2A311}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BD86C6F2-3B42-4608-9AF1-24C4EA04C886}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe | 
"{BE0754A4-8169-43D5-8E9C-BC85F7288451}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BF006B58-96DF-4C85-AC5F-41A1D8BFE618}" = dir=out | app=c:\program files\eslwire\wire.exe | 
"{BFF6D32E-A789-402C-8C2C-D132CE3B4467}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\magicka\magicka.exe | 
"{BFFB676F-1A03-4B15-BBD0-106C31AE98AD}" = protocol=6 | dir=in | app=d:\air\lolclient.exe | 
"{C0AE6FE6-2613-4437-A9C1-7FE796255A37}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{C200A738-2BE5-4594-A605-3EEAC7CC3620}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\skyrim\skyrimlauncher.exe | 
"{C5F6F5CF-3742-448B-9A65-5F809E7878B0}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\dustforce\dustforce.exe | 
"{C6BC24BC-158D-4E77-A63D-115BA0624F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{C7A375CF-72CA-4E9F-B9CA-A4118EE94791}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\batman2\runlauncher.bat | 
"{C8437489-7E2D-485A-A242-C8E74463518E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C8CD0971-DE01-4E57-99B5-BCF1B9641982}" = protocol=6 | dir=in | app=h:\farcry 3\bin\farcry3_d3d11.exe | 
"{C95486CC-1703-427F-960A-3A2E9E1D81ED}" = protocol=17 | dir=in | app=h:\steam2\steam.exe | 
"{CA1FC3BD-4485-4186-AE1F-A43D436DD12B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{CAECC075-FDBB-48B9-AB89-9485A58723C9}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{CC6D5C51-9210-43B1-B2ED-426B06082DE0}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{CDA1A1C9-E6AA-4562-B711-0CE5D26106F5}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\batman2\runlauncher.bat | 
"{CE49F1E1-4326-4455-B9ED-E063C18C2666}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\batman2\binaries\win32\batmanac.exe | 
"{CEE0EF52-0C4A-409F-A9C1-D2EF27D6BCF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CFFF4F33-86D6-405D-A8C2-42B314125F2B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D063651B-EFB6-46C5-88EA-7E35C1DB6D02}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe | 
"{D125FBDE-4548-423E-ACD8-7E77BC3BB0C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{D1BFE911-D760-4D0C-9996-519050FD8E8D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D58033CE-3FD9-4323-9B7B-44EC2074B810}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D5C26831-72C0-44E7-AF47-C013264D01B1}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{D608CBD2-78FD-439D-B718-BCD9795A0DD6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DAE24800-C4C3-4B51-85BE-3B8DBA7F833C}" = protocol=17 | dir=in | app=h:\farcry 3\bin\farcry3.exe | 
"{DCC57CAA-AE07-49F2-9DE7-294F41F4C060}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\the binding of isaac\isaac.exe | 
"{DDA228EA-167D-4080-BE75-D51C35CE63D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE45F69D-3287-467C-ABDC-A75BECDED052}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE806A31-ADB8-47FF-A2F6-FA09617CA349}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe | 
"{DFD14552-1A3C-42C5-BA0D-304BF9469CD0}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | 
"{DFD59F54-D1A6-4331-B25F-7236520CBCEC}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3sp.exe | 
"{E31689B6-31D0-4584-826A-3709B8A8937A}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{E6F8DFE2-85CA-4CF0-A647-FE373FFB9144}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{E79826AC-12BC-4947-B488-1B0FCBAD5C2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E8D6C0CB-621C-49D8-AD07-86202B0724B6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe | 
"{EDACF077-CFDA-4BF0-9A13-BBB8111B4040}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F10189DE-E9B4-4A23-81C0-8AE7F6732FC4}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{F2D0C6F6-4B34-44AF-9874-EE912F83F73A}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe | 
"{F3E49DAC-DC36-4CB2-83A1-2B3FADCA8BE1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F9F35AD3-575A-45F8-B2B7-B0108C803977}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{FD20FF76-9F44-4666-A781-FB0745AE7F7D}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\batman2\binaries\win32\batmanac.exe | 
"TCP Query User{0469A7CB-6C31-4D50-A4FA-10B3C198A93B}D:\spiele\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\spiele\lol\lol.launcher.exe | 
"TCP Query User{119DCA6D-6BB6-4832-B1F3-631ED61D4ABA}C:\program files (x86)\duty calls\binaries\win32\dutycalls.exe" = protocol=6 | dir=in | app=c:\program files (x86)\duty calls\binaries\win32\dutycalls.exe | 
"TCP Query User{11FF2CE5-3F11-4EDE-A4CA-C3C62A652BF0}D:\spiele\d3e\b-dead2\deadspace2.exe" = protocol=6 | dir=in | app=d:\spiele\d3e\b-dead2\deadspace2.exe | 
"TCP Query User{1D0D9C34-1E31-4E31-A8E3-611D433F4A89}C:\microvoltsdownloader\mvdownloader.exe" = protocol=6 | dir=in | app=c:\microvoltsdownloader\mvdownloader.exe | 
"TCP Query User{224FC3EB-146D-47AA-94D8-D16D15D2014B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{2E94C670-8BF8-41D8-AFA0-77E4632F65FD}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe | 
"TCP Query User{36DEE5DD-1294-429C-A8AF-4394824C31C3}D:\1\spiele\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\1\spiele\borderlands\binaries\borderlands.exe | 
"TCP Query User{39794D68-BE59-4277-AB5A-81CC38401CB0}H:\alice.exe" = protocol=6 | dir=in | app=h:\alice.exe | 
"TCP Query User{3EC44F44-5CA2-4C04-AE96-7B935BD9E240}D:\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol.launcher.exe | 
"TCP Query User{3FB6DEF0-1DF0-4B46-AC6A-220A64F73A74}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{46226058-1645-4523-BCC8-F55175672CD5}D:\aiw-client\iw4mpold.exe" = protocol=6 | dir=in | app=d:\aiw-client\iw4mpold.exe | 
"TCP Query User{666F118D-106F-4350-AECE-07FD275088A5}C:\program files (x86)\steam\steamapps\common\altitude\altitude.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\altitude\altitude.exe | 
"TCP Query User{7A543912-4E9C-4307-9FB0-4F5736315957}C:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe | 
"TCP Query User{844C3F7F-3BC9-43F8-86A0-7556E6C2F6EC}C:\users\timo\desktop\deadspace.exe" = protocol=6 | dir=in | app=c:\users\timo\desktop\deadspace.exe | 
"TCP Query User{A1C28200-3104-46AF-BF49-99B7DDFD7964}D:\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol\lol.launcher.exe | 
"TCP Query User{AD85BE19-A06A-46B1-8155-18AED0D7E6B1}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe | 
"TCP Query User{B20CB7AA-7548-45DA-9CF4-1D851E61BC1E}D:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=d:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"TCP Query User{B76458D6-0195-4FAC-BB0A-09A84E71B002}F:\crack\deadspace.exe" = protocol=6 | dir=in | app=f:\crack\deadspace.exe | 
"TCP Query User{BABCEA7F-09C6-4A04-AB11-579C5B4D853B}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"TCP Query User{BB64D108-78AF-4F48-A37C-84C36F45F536}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{BEBC485C-EE41-4ED1-B5DD-FE73D3E57C40}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{CB1BF9D8-1EBF-454F-B766-7C8A1D315D71}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{E5AD9F0A-B09E-4EEF-A62C-0B98AA84BADD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{E7C5EBE4-8CB7-46A5-B095-FF78C2A60849}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe | 
"TCP Query User{F4EAA273-7629-4BE2-B43D-8D25E1E2EEDF}D:\aiw-client\iw4mp.exe" = protocol=6 | dir=in | app=d:\aiw-client\iw4mp.exe | 
"TCP Query User{FDC45A61-25A4-44B5-970E-964BB1516D7C}C:\users\timo\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{06AED980-5E26-446A-877B-FA2B7BD06E59}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{12150096-EBD5-485A-8488-75A9E9358422}D:\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol\lol.launcher.exe | 
"UDP Query User{2DF4F790-BEBF-4DF0-AC19-F2DF1A33E83C}D:\aiw-client\iw4mp.exe" = protocol=17 | dir=in | app=d:\aiw-client\iw4mp.exe | 
"UDP Query User{2E95D81F-09A6-4E77-AA88-4A0C93CC28C3}C:\microvoltsdownloader\mvdownloader.exe" = protocol=17 | dir=in | app=c:\microvoltsdownloader\mvdownloader.exe | 
"UDP Query User{37A7BD79-D873-43DF-BEC8-46698323B188}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"UDP Query User{3EE04D07-7ADA-4D9E-A37D-429365B8065C}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{41A360E7-4D1D-4477-B208-C723D925FD2B}D:\spiele\d3e\b-dead2\deadspace2.exe" = protocol=17 | dir=in | app=d:\spiele\d3e\b-dead2\deadspace2.exe | 
"UDP Query User{49110932-5619-43A1-961C-E9D614C0E402}C:\program files (x86)\steam\steamapps\common\altitude\altitude.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\altitude\altitude.exe | 
"UDP Query User{5ADA6E11-F3E9-4EC7-AF02-BB9BF71B808B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"UDP Query User{6007D1D0-7BBC-4D43-8DE1-3E4F20A326DE}C:\users\timo\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{7712E02E-09D8-4042-B14C-FCE8E2B7C814}D:\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol.launcher.exe | 
"UDP Query User{77ECBC81-046A-4983-A156-0B7EFE956B32}C:\users\timo\desktop\deadspace.exe" = protocol=17 | dir=in | app=c:\users\timo\desktop\deadspace.exe | 
"UDP Query User{7F8705AB-9A9D-4B80-AA98-258BCA379693}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{87216C76-9199-4AC9-95E1-7DBCA5CCE36D}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe | 
"UDP Query User{940E10F9-8101-4B29-9242-3CFE7448F2D6}D:\spiele\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\spiele\lol\lol.launcher.exe | 
"UDP Query User{9B0DE7C9-E0F7-499C-9ADF-9CAAE5A57AC0}F:\crack\deadspace.exe" = protocol=17 | dir=in | app=f:\crack\deadspace.exe | 
"UDP Query User{9EE2D42F-0CE9-43F0-BFAC-17F648B9D818}C:\program files (x86)\duty calls\binaries\win32\dutycalls.exe" = protocol=17 | dir=in | app=c:\program files (x86)\duty calls\binaries\win32\dutycalls.exe | 
"UDP Query User{A7E2AA05-E895-431F-9A01-D6507CB01847}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{B07F51A0-EA97-4BB2-B36F-3FD7EFE57A20}C:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe | 
"UDP Query User{B8AAEA36-EA0C-4A9E-A465-41AED212B89B}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe | 
"UDP Query User{C4A79896-0316-410E-A61B-C9874D81B929}H:\alice.exe" = protocol=17 | dir=in | app=h:\alice.exe | 
"UDP Query User{CCF99016-E259-4DE4-923A-E5DD39FFEA71}D:\1\spiele\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\1\spiele\borderlands\binaries\borderlands.exe | 
"UDP Query User{CF9D88B0-AD56-4873-9C1E-5AACE5574E99}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{D5914569-8A5D-4606-8F6D-423862F5036F}D:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=d:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"UDP Query User{D90750AA-0334-41C8-803E-8DFE7AA4D97D}D:\aiw-client\iw4mpold.exe" = protocol=17 | dir=in | app=d:\aiw-client\iw4mpold.exe | 
"UDP Query User{D931C4D5-9C2D-46DF-910C-6E9A1035B903}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2BF35D84-6377-4F70-9F39-97CF67E67FFF}" = Microsoft IntelliPoint 8.0
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{446EE0D9-1F6B-42BF-8278-8D0B172BA15D}" = Microsoft IntelliType Pro 8.1
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F29F195-B11C-3EAD-B883-997BB29DFA17}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{ECDF0939-A653-44D0-8B8E-597B890F45EC}" = Logitech Gaming Software 5.02
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.15.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08C065AD-FF57-4422-AB5F-4B6B000B7696}" = S4 League_EU
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2649AD59-23CF-4862-93F1-3AAE27F646A7}" = S4 League_EU
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}" = dLAN Cockpit
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C6A0FD8A-F107-44CA-AA1B-49341936F76A}" = Canyon USB2.0 PC Camera(0050.2009.1224.3006)
"{CF9041ED-60C9-36ED-9DB9-F55AAD993865}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7382773-CBE8-33A9-862E-C2337CD0F359}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{EB3C9064-9140-4279-9E51-965119402151}" = Plantronics® GameCom 780 Software for Dolby® Headphone
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BrickForce" = BrickForce 1.9.87
"CloneDVD2" = CloneDVD2
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX-Setup
"dlancockpit" = devolo dLAN Cockpit
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dlanwlancfg" = devolo dLAN Wireless extender Konfiguration
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Notepad++" = Notepad++
"Origin" = Origin
"PlayChess" = PlayChess 
"PunkBusterSvc" = PunkBuster Services
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Resident Evil 4_is1" = Resident Evil 4 1.10
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam App 10090" = Call of Duty: World at War
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 113200" = The Binding Of Isaac
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 40800" = Super Meat Boy
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42910" = Magicka
"Steam App 48000" = LIMBO
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 57400" = Batman: Arkham City™
"Steam App 620" = Portal 2
"Steam App 65300" = Dustforce
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Sudden Strike II" = Sudden Strike II
"Trusted Software Assistant_is1" = File Type Assistant
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR
"Worms Reloaded Full-Rip" = Worms Reloaded Full-Rip 1.0
"Worms Reloaded_is1" = Worms Reloaded
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"soe-PlanetSide 2 PSG" = PlanetSide 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2013 08:40:18 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm PlanetSide2.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1c20    Startzeit:
 01ce0c3ee6343a9e    Endzeit: 444    Anwendungspfad: H:\planetside2\PlanetSide2.exe    Berichts-ID:
   
 
Error - 16.02.2013 11:34:59 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm PlanetSide2.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 2d8    Startzeit: 
01ce0c4c573b1f4e    Endzeit: 4827    Anwendungspfad: H:\planetside2\PlanetSide2.exe    Berichts-ID:
   
 
Error - 17.02.2013 13:19:40 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm Skype.exe, Version 6.1.0.129 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10f0    Startzeit:
 01ce0b6927861f76    Endzeit: 448    Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:
   
 
Error - 17.02.2013 13:52:15 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.02.2013 14:23:02 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.02.2013 15:34:14 | Computer Name = Timo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00005c0b  ID des fehlerhaften Prozesses:
 0x1334  Startzeit der fehlerhaften Anwendung: 0x01ce0d45c1fc0650  Pfad der fehlerhaften
 Anwendung: C:\ComboFix\dumphive.3XE  Pfad des fehlerhaften Moduls: C:\ComboFix\dumphive.3XE
Berichtskennung:
 028601f6-7939-11e2-84de-bcaec51fc960
 
Error - 17.02.2013 16:14:08 | Computer Name = Timo-PC | Source = DUMeterSvc | ID = 0
Description = 
 
Error - 17.02.2013 16:19:16 | Computer Name = Timo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00005c0b  ID des fehlerhaften Prozesses:
 0x1e64  Startzeit der fehlerhaften Anwendung: 0x01ce0d4c0d69ca14  Pfad der fehlerhaften
 Anwendung: C:\ComboFix\dumphive.3XE  Pfad des fehlerhaften Moduls: C:\ComboFix\dumphive.3XE
Berichtskennung:
 4d2dcb3b-793f-11e2-b92b-bcaec51fc960
 
Error - 17.02.2013 16:39:43 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.02.2013 06:53:08 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.02.2013 05:53:13 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ NetLimiter 3 Events ]
Error - 20.04.2011 16:48:33 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 22.04.2011 08:22:28 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 26.04.2011 09:01:16 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 27.04.2011 04:26:07 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 27.04.2011 17:52:33 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 28.04.2011 04:52:28 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 28.04.2011 14:20:32 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 29.04.2011 05:15:18 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 30.04.2011 06:41:35 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 30.04.2011 07:38:00 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
[ System Events ]
Error - 03.04.2013 10:53:45 | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 03.04.2013 14:26:00 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?04.?2013 um 20:24:41 unerwartet heruntergefahren.
 
Error - 04.04.2013 06:49:50 | Computer Name = Timo-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 05.04.2013 08:47:35 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 14:44:30 unerwartet heruntergefahren.
 
Error - 05.04.2013 09:19:21 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:10:35 unerwartet heruntergefahren.
 
Error - 05.04.2013 09:26:27 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:23:22 unerwartet heruntergefahren.
 
Error - 05.04.2013 12:35:03 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:28:27 unerwartet heruntergefahren.
 
Error - 05.04.2013 19:59:42 | Computer Name = Timo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 05.04.2013 19:59:42 | Computer Name = Timo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 06.04.2013 09:26:43 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?04.?2013 um 15:25:08 unerwartet heruntergefahren.
 
 
< End of report >

--- --- ---

blatant · 10.04.2013, 16:15

und einmal das Extra.txt:OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 10.04.2013 17:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Timo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 39,12% Memory free
7,99 Gb Paging File | 4,73 Gb Available in Paging File | 59,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 37,85 Gb Free Space | 19,39% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 271,40 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 786,79 Gb Free Space | 84,46% Space Free | Partition Type: NTFS
 
Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0004D1D4-7C1D-439A-9AC2-73BADBF4BABE}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{02EC4184-1D8D-4721-B107-84BCEED9E38D}" = lport=6883 | protocol=17 | dir=in | name=league of legends launcher | 
"{0F9C5222-A2CB-45CE-A81A-6F347A4AC8C3}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{101716D3-F6E2-4451-ACDB-AC6F538A4D96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{13AD776D-FF48-407E-9BCB-16A2B0811D41}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{1A3A62F1-75BE-4E40-8D0B-D874DEB4DD3F}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{1BF2F4DD-D86A-4B66-B947-C41EA1857679}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{1D494022-49A7-43D9-90C9-8B07562F5726}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1D6AE5F7-FBF6-487B-8FBB-8B36032E715C}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{1DB4B824-1C3E-4CFC-84FA-83675FD0B896}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{211E6D07-3E65-4F57-9CA6-1EB2A808D35A}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{269A2751-ABC6-4F73-9F3F-1571FF843172}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{3389899B-924D-4462-AB99-9840098CB0F1}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{39EE4BF7-CEC0-4544-ACA4-E2CCD2EE00CC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{402BD922-BCD0-432B-9457-54D7674073DF}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{403C6378-3526-421C-9A58-87985E6C5F36}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{42F97396-329F-4396-9BB5-7B4D336FA343}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4356454A-562F-489C-9B94-9EB6F5F6E802}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4A77A798-8E0B-49C9-9032-E0BBC70C65B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4F0E567E-10F9-4817-8A5F-01D2915D92DE}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{4F913FBF-70E4-438B-8798-55D6E03E5844}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{55C15EF0-B7C4-40D9-AB55-CEC1524261AE}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{565302E7-50B5-47A0-B958-78C962BC6B4A}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{5BB57A53-C30D-4A42-950F-072CC8E36515}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5E671F99-7A67-44E5-92B7-47DEB0043494}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{5EE1EE5F-F15C-47A2-B1D8-B9345E570AD9}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5FC4901E-3E89-43E3-9447-48328B157119}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface | 
"{6AF57DE6-BEB0-404C-ABCF-4FF9ADF10766}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6B4162F7-9FDA-4756-B403-C51CCCBD6102}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{6EAB66C3-9236-4B86-BF37-C95E56AC9B2A}" = lport=6883 | protocol=6 | dir=in | name=league of legends launcher | 
"{72EC5A5F-1734-49BC-9A5C-339D864413CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73468179-96AC-4FE4-8529-80DFF9EDF8CB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{77A83711-2A5F-4881-8612-0AE6DD66A55B}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher | 
"{828AE39E-73B1-45D9-BA00-F13AECE909EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{844BE3CC-131E-4390-BACD-DDA785B1277C}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{85BE460C-EE1D-4E63-AF47-85EA91191709}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{8D2E9C12-417E-4803-8848-33A742E568BB}" = lport=6891 | protocol=17 | dir=in | name=league of legends launcher | 
"{8DA38AB9-C7FF-4E1E-B320-108ED6F72F06}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{8F72FE1E-C1B0-4D63-AF84-C48D656EE208}" = rport=139 | protocol=6 | dir=out | app=system | 
"{92276009-1EDC-4208-9625-312EF3106E70}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{94490359-077B-45D2-93CB-1FC0FFDAF1CE}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{99E15819-2E57-44E2-91BD-FD422B13431C}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{9F8FCA73-C74A-4B77-B807-4F64634658C9}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{A70200DA-CBDC-4D01-9EA9-FE26692B2254}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{A723A777-6730-4EC7-A270-476F0A337794}" = lport=138 | protocol=17 | dir=in | app=system | 
"{A9DA389D-E390-4D60-9A52-A2ACAC0A14CC}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{AB4E21BE-ADC7-4084-8972-88AEB87227F7}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{B81A208B-7E52-4C40-B6A5-9F98CC77A777}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BCBF06F4-3B83-4345-90E9-31E97D4819DD}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{C19FA696-06B4-4E67-AE79-B739B552CAE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C247F239-EE02-4BE9-9DDD-3ED2F4238D53}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C29E5065-C628-43CC-9BA6-D5787355FB1C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C60F6142-3146-4DAD-A7FA-B0A827356E1C}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{CB53453D-9A69-42EC-8A73-E3F5477AEA4D}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{D0050D77-1CDD-44DC-887A-E76CDC913423}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{D0B29A25-9ED4-4AA8-9813-79B3A627ADCF}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{D51EF82A-AC47-4379-8256-02FB222E137D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D93A9DD6-DBAA-42ED-980F-B23D45275136}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{DA59523C-DE3E-4158-9B17-34530DF699C6}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{DE1DC2E5-7BD5-4B96-8C30-5D1EB9554553}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher | 
"{DE517CF6-DC49-4A66-85B1-BCD40511EF22}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E0EEA43C-9E6E-46B1-9856-EA03C55ED970}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E7251563-B0BE-4380-B774-2F7A90CBC080}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E88827D8-A6DE-4645-A31C-12308E3CBE01}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{E88A4404-0D01-4DA1-A840-4E57B9F8D157}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EA5DDB95-A75F-4C61-9356-528B7AED3AA9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlanwlancfg\dlanwlancfg.exe | 
"{EC937532-23CB-40C8-ADD3-ED4596CBC9D4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{EE7D1491-1032-433A-B1FD-2640F5EB648D}" = lport=6891 | protocol=6 | dir=in | name=league of legends launcher | 
"{F05CB8C4-DC42-4E06-AC72-420F5F933059}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\informer\devinf.exe | 
"{F19AA354-9BDA-49FB-9B77-DA79D05A311D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F2E703D7-CB72-42E9-A4D1-7B555225AD87}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F5B52E19-E1D4-43EE-9D81-0824B9BF153D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FB4C8005-FA4B-4084-A149-9CE1BD7CB5D8}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe | 
"{FD98167C-5751-4784-AD3C-16F5E9BDCB4D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002E230E-9F97-41FF-B43B-9D7CB5EC0C79}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{01BD3913-61EF-4E58-8E44-585B6641DA6E}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"{02C11D7E-C21B-4003-98C8-31DDF7DBA874}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{07623436-2967-4A9C-9353-860640B4D2C8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | 
"{092655B3-5159-4DD2-ABA9-5776845783FF}" = protocol=17 | dir=in | app=d:\game\league of legends.exe | 
"{0C3694CD-3F02-40F0-818C-8A3D22C8CA28}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{0F9DC20A-BCCE-48EA-A3C6-11C05573539B}" = protocol=6 | dir=in | app=h:\farcry 3\bin\farcry3.exe | 
"{12FDC3AD-E32E-41CE-8260-D1802C24D03F}" = protocol=6 | dir=in | app=h:\farcry 3\bin\fc3updater.exe | 
"{16BBEC4E-B174-4E8A-BB3E-DCB81EA55CEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{1A93A7E6-B7D9-4063-BEE1-1147BC45B6C2}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{1B40CE28-F164-419A-93A5-1884FD309BD6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1BC10F23-CB84-4D6D-B005-67DEEE8262A1}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{1C3905D5-B65A-49B1-B5E9-3578BF4814BF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"{1D5A4EC0-3125-4F15-8848-110E00BDD09C}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{1E4CA50A-7488-4CBC-9589-24C33785A288}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1F8539C1-3EB1-4FD3-B335-311EA68B285B}" = protocol=17 | dir=in | app=h:\farcry 3\bin\fc3updater.exe | 
"{2073E85E-564B-4BB6-AB22-2D9B80B4AD2B}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | 
"{239AFFEB-533B-430A-9C12-A1B220F861D9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{240CF614-990A-42E4-B9F6-D3C0C52961B0}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{2794F90A-8322-4052-8B05-052E417BE332}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe | 
"{29F85232-5526-4552-AFB6-D82EC03BD7F2}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwawmp.exe | 
"{2BC269E3-6B05-4879-9974-D56B9C6E8945}" = protocol=6 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"{3467D89E-6D70-4673-B456-6ABC0F9FEC2E}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{37E331AA-41B9-4B22-9665-56B87813C7E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{3850207B-5D78-4760-A259-F1651DBCC476}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3.exe | 
"{39ACF639-8871-43DB-8BB2-61DBE6AEC45D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe | 
"{3B789C75-8743-444D-BA36-9CBF5A5988BC}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe | 
"{3E7DF919-47C4-4749-9646-2EC06934F484}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwaw.exe | 
"{40769E4C-B275-4877-ADF1-0B95F176A77C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\thestriker1997\counter-strike source\hl2.exe | 
"{40D0165B-1D2D-4692-8F03-E080524B471D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{476972F8-E735-468F-9B6A-85E945F02E89}" = protocol=17 | dir=in | app=h:\farcry 3\bin\fc3editor.exe | 
"{4B5586F1-2E50-4F4A-B24C-D5B7915760C4}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{51091CD5-985E-4F08-A5F4-93280E5D6721}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3.exe | 
"{524C8A17-EA50-44A8-B75C-34720B05F352}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | 
"{530EDF21-4F2D-4BF1-BAAD-CBFB09762E58}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{539634BA-D093-4D41-94FF-858AEEFCC8F4}" = protocol=17 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"{544552D9-32E0-400D-985C-7F38E088D587}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{5619D2D6-C260-4D69-B237-0C7E0280E5AE}" = protocol=6 | dir=out | app=system | 
"{578C7233-C89F-4CE1-88BA-FCD39C490B50}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3mp.exe | 
"{58A6CA9B-8C0B-456E-BA99-3D1E1E73BC1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{59450657-8A12-4DE9-8D77-A4E41EC288F1}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\dota 2 beta\dota.exe | 
"{5A3FE028-00DA-43F6-BBE1-A5F179C482F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{5A4931F4-4AC5-413C-8AC6-A1ACE0EA3249}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{5A537A8E-EE75-4175-920A-39FFB9DC9A0F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5C246CE8-C4BD-4637-BDD6-E2710ECF3B3E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5C947677-9EEB-4233-BF3D-40ACC2F93C17}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\the binding of isaac\isaac.exe | 
"{5E2A7ED8-3513-4E51-9F25-82C857B7862E}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{5E3D637B-38B6-4495-8BF8-E022C59DCBB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F4D6E9B-FB63-42B7-8CF1-A5838B4455AC}" = dir=in | app=c:\brickforce\brickforce.exe | 
"{5F9B5734-1B54-4F05-AA07-11AC18E4DAE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{60191E94-D868-4C9B-B7CF-9BE9B5FB2E57}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{6072C6E7-EFCD-43F6-B8BD-93A152B9D2F9}" = protocol=6 | dir=in | app=h:\farcry 3\bin\fc3editor.exe | 
"{60838268-C4D3-4B60-B87B-93986FA7804D}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3sp.exe | 
"{61D4B963-B7B2-41A1-8874-8B9B975F0871}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{62FDF750-73E8-4E49-B0C7-7A225853FB49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{63F58072-2D93-468F-977C-AD6530977BA2}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwaw.exe | 
"{64554E4A-52C6-4A7E-AB00-BF9C0E26798B}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{64825BEB-FE3A-4DDC-A945-237E197E400E}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe | 
"{6567E03E-48D3-4089-8646-7CD453C7740C}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{6806AC9E-3948-4E37-98AE-DB50FA96D155}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\portal 2\portal2.exe | 
"{68EAF1DC-C73C-4E99-AC3F-00E1586B4BAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6967B7B3-678D-4A4E-BA78-B5B139E484F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe | 
"{6B8ED52B-4256-40F9-A1F7-94EE0F00CCF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6FF930D1-5AAB-4E6E-9DB7-260E7DE57826}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe | 
"{71DEFA50-3FD9-42D5-A14C-94D13D92BD6A}" = protocol=17 | dir=in | app=h:\farcry 3\bin\farcry3_d3d11.exe | 
"{72807F1E-C848-451F-819A-066C6A41DB38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{745C4D71-5E2D-4F1D-B0F2-A2BE46483F07}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3y.exe | 
"{76627BB7-1506-4569-9C31-86B0A23A32EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{774D9322-BA59-43E6-A77A-4F65569FB87A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{78800C86-7CB9-4628-A0FC-BF512C6FC699}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{7BFC45E7-ACFD-46DB-93AB-C5F68AC6A7F3}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{7D3F0EB3-6AC6-4030-9D46-04873452CF52}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe | 
"{7E6B2EA6-C78F-4717-B431-D62399EE3CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{7EB06DF8-7DA9-479B-91A0-4D95814D1DF0}" = protocol=6 | dir=in | app=d:\game\league of legends.exe | 
"{810DAC34-8984-4E2A-95B1-FF2DA105DBDE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{820C40BD-A7CB-45D8-A92B-1E1BA02F42AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\thestriker1997\counter-strike source\hl2.exe | 
"{82D840D7-2F80-4242-A32D-7FEFE4A068BD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{848CE9FB-8D98-43D1-8C5B-52301B3D7419}" = dir=in | app=c:\brickforce\bflauncher.exe | 
"{8A2AF7E2-D715-4E09-9DA1-DCBEF95EC1FF}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{8A39F2FF-3672-4DA8-8EEB-D7A0851DB953}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3mp.exe | 
"{8A913AEA-6D91-4023-A793-E1F1A110B3D9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | 
"{8F10CF53-3C3E-4343-8359-83A82901E42B}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{90F2E75B-6045-45D3-A3FA-966266CB6AC2}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{9115D582-F1CF-4C45-9064-F07DC80CB3AF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{93E7B15A-43B0-4CE4-B96A-DD93FA033E6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{95AA44A8-33B0-4106-AFDE-78DD2ECBFCA2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{98F792E9-3199-45F4-94A9-4D5531D02B98}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{99987E01-C4AD-43DC-9E49-9A56EAD6D855}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\skyrim\skyrimlauncher.exe | 
"{9B657894-5C5D-4CE8-9DF2-E10935BF9695}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\magicka\magicka.exe | 
"{9E7847A7-8949-4B26-B639-28C45EA2EFB5}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty world at war\codwawmp.exe | 
"{A2FF97BA-347F-4EED-AE8E-EE2BDDE9DF9B}" = dir=in | app=c:\program files\eslwire\wire.exe | 
"{A3ADDEC6-1451-4C35-AC28-D492B30100E6}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | 
"{A448823B-8A3E-4EE2-ACAD-323B97D72C58}" = protocol=6 | dir=in | app=h:\steam2\steam.exe | 
"{A81EAA5B-D076-4167-A58A-B4CC2BD0497E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A9C76F8A-75D5-41B3-B4B4-82917A9D8585}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3x.exe | 
"{AAD5EB6A-0623-4A83-8328-EE9CAE168CA5}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\dota 2 beta\dota.exe | 
"{AF0D3397-EFB9-4FF8-AAB7-1D6E8A7D7BBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{AF73930B-7E78-4676-B403-37B0248C2999}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\dustforce\dustforce.exe | 
"{B0778CE6-72C8-4563-A330-9A191F841D32}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B0951123-08EB-4E92-8051-EDBC98C8FEB9}" = protocol=17 | dir=in | app=d:\air\lolclient.exe | 
"{B12E7812-F963-4967-8079-35F5D5C94E18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{B13FE5B1-9989-425B-8C8F-A880E2EFCFCF}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3y.exe | 
"{B1F5F16C-ECC9-44F2-959C-729B9589A323}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe | 
"{B4EB7B6A-C576-4946-BB4B-B2AEE6B62233}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{B5608B40-8832-44F0-9855-D510A4C9147C}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe | 
"{B63E5109-3F9B-443D-8EBD-58CE45533CC9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B88E59D7-AAFA-4947-BD42-1291706814A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B8A3276B-CA35-4276-831A-CC840E025FDA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{B971EA51-DE09-4CB2-BACF-CB8697573B2A}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\age of empires 3\bin\age3x.exe | 
"{BC617229-D0DC-4D65-85F9-5E5B16B2FEFD}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\portal 2\portal2.exe | 
"{BD57D1FA-3583-4F5A-95B3-5605A3A2A311}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BD86C6F2-3B42-4608-9AF1-24C4EA04C886}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe | 
"{BE0754A4-8169-43D5-8E9C-BC85F7288451}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{BF006B58-96DF-4C85-AC5F-41A1D8BFE618}" = dir=out | app=c:\program files\eslwire\wire.exe | 
"{BFF6D32E-A789-402C-8C2C-D132CE3B4467}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\magicka\magicka.exe | 
"{BFFB676F-1A03-4B15-BBD0-106C31AE98AD}" = protocol=6 | dir=in | app=d:\air\lolclient.exe | 
"{C0AE6FE6-2613-4437-A9C1-7FE796255A37}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{C200A738-2BE5-4594-A605-3EEAC7CC3620}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\skyrim\skyrimlauncher.exe | 
"{C5F6F5CF-3742-448B-9A65-5F809E7878B0}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\dustforce\dustforce.exe | 
"{C6BC24BC-158D-4E77-A63D-115BA0624F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{C7A375CF-72CA-4E9F-B9CA-A4118EE94791}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\batman2\runlauncher.bat | 
"{C8437489-7E2D-485A-A242-C8E74463518E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C8CD0971-DE01-4E57-99B5-BCF1B9641982}" = protocol=6 | dir=in | app=h:\farcry 3\bin\farcry3_d3d11.exe | 
"{C95486CC-1703-427F-960A-3A2E9E1D81ED}" = protocol=17 | dir=in | app=h:\steam2\steam.exe | 
"{CA1FC3BD-4485-4186-AE1F-A43D436DD12B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe | 
"{CAECC075-FDBB-48B9-AB89-9485A58723C9}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{CC6D5C51-9210-43B1-B2ED-426B06082DE0}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{CDA1A1C9-E6AA-4562-B711-0CE5D26106F5}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\batman2\runlauncher.bat | 
"{CE49F1E1-4326-4455-B9ED-E063C18C2666}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\batman2\binaries\win32\batmanac.exe | 
"{CEE0EF52-0C4A-409F-A9C1-D2EF27D6BCF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CFFF4F33-86D6-405D-A8C2-42B314125F2B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D063651B-EFB6-46C5-88EA-7E35C1DB6D02}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe | 
"{D125FBDE-4548-423E-ACD8-7E77BC3BB0C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{D1BFE911-D760-4D0C-9996-519050FD8E8D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D58033CE-3FD9-4323-9B7B-44EC2074B810}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D5C26831-72C0-44E7-AF47-C013264D01B1}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{D608CBD2-78FD-439D-B718-BCD9795A0DD6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DAE24800-C4C3-4B51-85BE-3B8DBA7F833C}" = protocol=17 | dir=in | app=h:\farcry 3\bin\farcry3.exe | 
"{DCC57CAA-AE07-49F2-9DE7-294F41F4C060}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\the binding of isaac\isaac.exe | 
"{DDA228EA-167D-4080-BE75-D51C35CE63D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE45F69D-3287-467C-ABDC-A75BECDED052}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE806A31-ADB8-47FF-A2F6-FA09617CA349}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe | 
"{DFD14552-1A3C-42C5-BA0D-304BF9469CD0}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | 
"{DFD59F54-D1A6-4331-B25F-7236520CBCEC}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty 4\iw3sp.exe | 
"{E31689B6-31D0-4584-826A-3709B8A8937A}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{E6F8DFE2-85CA-4CF0-A647-FE373FFB9144}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{E79826AC-12BC-4947-B488-1B0FCBAD5C2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E8D6C0CB-621C-49D8-AD07-86202B0724B6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe | 
"{EDACF077-CFDA-4BF0-9A13-BBB8111B4040}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F10189DE-E9B4-4A23-81C0-8AE7F6732FC4}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{F2D0C6F6-4B34-44AF-9874-EE912F83F73A}" = protocol=17 | dir=in | app=h:\steam2\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe | 
"{F3E49DAC-DC36-4CB2-83A1-2B3FADCA8BE1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F9F35AD3-575A-45F8-B2B7-B0108C803977}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{FD20FF76-9F44-4666-A781-FB0745AE7F7D}" = protocol=6 | dir=in | app=h:\steam2\steamapps\common\batman2\binaries\win32\batmanac.exe | 
"TCP Query User{0469A7CB-6C31-4D50-A4FA-10B3C198A93B}D:\spiele\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\spiele\lol\lol.launcher.exe | 
"TCP Query User{119DCA6D-6BB6-4832-B1F3-631ED61D4ABA}C:\program files (x86)\duty calls\binaries\win32\dutycalls.exe" = protocol=6 | dir=in | app=c:\program files (x86)\duty calls\binaries\win32\dutycalls.exe | 
"TCP Query User{11FF2CE5-3F11-4EDE-A4CA-C3C62A652BF0}D:\spiele\d3e\b-dead2\deadspace2.exe" = protocol=6 | dir=in | app=d:\spiele\d3e\b-dead2\deadspace2.exe | 
"TCP Query User{1D0D9C34-1E31-4E31-A8E3-611D433F4A89}C:\microvoltsdownloader\mvdownloader.exe" = protocol=6 | dir=in | app=c:\microvoltsdownloader\mvdownloader.exe | 
"TCP Query User{224FC3EB-146D-47AA-94D8-D16D15D2014B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{2E94C670-8BF8-41D8-AFA0-77E4632F65FD}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe | 
"TCP Query User{36DEE5DD-1294-429C-A8AF-4394824C31C3}D:\1\spiele\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\1\spiele\borderlands\binaries\borderlands.exe | 
"TCP Query User{39794D68-BE59-4277-AB5A-81CC38401CB0}H:\alice.exe" = protocol=6 | dir=in | app=h:\alice.exe | 
"TCP Query User{3EC44F44-5CA2-4C04-AE96-7B935BD9E240}D:\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol.launcher.exe | 
"TCP Query User{3FB6DEF0-1DF0-4B46-AC6A-220A64F73A74}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{46226058-1645-4523-BCC8-F55175672CD5}D:\aiw-client\iw4mpold.exe" = protocol=6 | dir=in | app=d:\aiw-client\iw4mpold.exe | 
"TCP Query User{666F118D-106F-4350-AECE-07FD275088A5}C:\program files (x86)\steam\steamapps\common\altitude\altitude.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\altitude\altitude.exe | 
"TCP Query User{7A543912-4E9C-4307-9FB0-4F5736315957}C:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe | 
"TCP Query User{844C3F7F-3BC9-43F8-86A0-7556E6C2F6EC}C:\users\timo\desktop\deadspace.exe" = protocol=6 | dir=in | app=c:\users\timo\desktop\deadspace.exe | 
"TCP Query User{A1C28200-3104-46AF-BF49-99B7DDFD7964}D:\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol\lol.launcher.exe | 
"TCP Query User{AD85BE19-A06A-46B1-8155-18AED0D7E6B1}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe | 
"TCP Query User{B20CB7AA-7548-45DA-9CF4-1D851E61BC1E}D:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=d:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"TCP Query User{B76458D6-0195-4FAC-BB0A-09A84E71B002}F:\crack\deadspace.exe" = protocol=6 | dir=in | app=f:\crack\deadspace.exe | 
"TCP Query User{BABCEA7F-09C6-4A04-AB11-579C5B4D853B}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"TCP Query User{BB64D108-78AF-4F48-A37C-84C36F45F536}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"TCP Query User{BEBC485C-EE41-4ED1-B5DD-FE73D3E57C40}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{CB1BF9D8-1EBF-454F-B766-7C8A1D315D71}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{E5AD9F0A-B09E-4EEF-A62C-0B98AA84BADD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"TCP Query User{E7C5EBE4-8CB7-46A5-B095-FF78C2A60849}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe | 
"TCP Query User{F4EAA273-7629-4BE2-B43D-8D25E1E2EEDF}D:\aiw-client\iw4mp.exe" = protocol=6 | dir=in | app=d:\aiw-client\iw4mp.exe | 
"TCP Query User{FDC45A61-25A4-44B5-970E-964BB1516D7C}C:\users\timo\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{06AED980-5E26-446A-877B-FA2B7BD06E59}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{12150096-EBD5-485A-8488-75A9E9358422}D:\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol\lol.launcher.exe | 
"UDP Query User{2DF4F790-BEBF-4DF0-AC19-F2DF1A33E83C}D:\aiw-client\iw4mp.exe" = protocol=17 | dir=in | app=d:\aiw-client\iw4mp.exe | 
"UDP Query User{2E95D81F-09A6-4E77-AA88-4A0C93CC28C3}C:\microvoltsdownloader\mvdownloader.exe" = protocol=17 | dir=in | app=c:\microvoltsdownloader\mvdownloader.exe | 
"UDP Query User{37A7BD79-D873-43DF-BEC8-46698323B188}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"UDP Query User{3EE04D07-7ADA-4D9E-A37D-429365B8065C}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{41A360E7-4D1D-4477-B208-C723D925FD2B}D:\spiele\d3e\b-dead2\deadspace2.exe" = protocol=17 | dir=in | app=d:\spiele\d3e\b-dead2\deadspace2.exe | 
"UDP Query User{49110932-5619-43A1-961C-E9D614C0E402}C:\program files (x86)\steam\steamapps\common\altitude\altitude.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\altitude\altitude.exe | 
"UDP Query User{5ADA6E11-F3E9-4EC7-AF02-BB9BF71B808B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"UDP Query User{6007D1D0-7BBC-4D43-8DE1-3E4F20A326DE}C:\users\timo\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\timo\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{7712E02E-09D8-4042-B14C-FCE8E2B7C814}D:\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol.launcher.exe | 
"UDP Query User{77ECBC81-046A-4983-A156-0B7EFE956B32}C:\users\timo\desktop\deadspace.exe" = protocol=17 | dir=in | app=c:\users\timo\desktop\deadspace.exe | 
"UDP Query User{7F8705AB-9A9D-4B80-AA98-258BCA379693}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe | 
"UDP Query User{87216C76-9199-4AC9-95E1-7DBCA5CCE36D}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe | 
"UDP Query User{940E10F9-8101-4B29-9242-3CFE7448F2D6}D:\spiele\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\spiele\lol\lol.launcher.exe | 
"UDP Query User{9B0DE7C9-E0F7-499C-9ADF-9CAAE5A57AC0}F:\crack\deadspace.exe" = protocol=17 | dir=in | app=f:\crack\deadspace.exe | 
"UDP Query User{9EE2D42F-0CE9-43F0-BFAC-17F648B9D818}C:\program files (x86)\duty calls\binaries\win32\dutycalls.exe" = protocol=17 | dir=in | app=c:\program files (x86)\duty calls\binaries\win32\dutycalls.exe | 
"UDP Query User{A7E2AA05-E895-431F-9A01-D6507CB01847}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{B07F51A0-EA97-4BB2-B36F-3FD7EFE57A20}C:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\xxxreasonlpxxx\team fortress 2\hl2.exe | 
"UDP Query User{B8AAEA36-EA0C-4A9E-A465-41AED212B89B}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe | 
"UDP Query User{C4A79896-0316-410E-A61B-C9874D81B929}H:\alice.exe" = protocol=17 | dir=in | app=h:\alice.exe | 
"UDP Query User{CCF99016-E259-4DE4-923A-E5DD39FFEA71}D:\1\spiele\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\1\spiele\borderlands\binaries\borderlands.exe | 
"UDP Query User{CF9D88B0-AD56-4873-9C1E-5AACE5574E99}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{D5914569-8A5D-4606-8F6D-423862F5036F}D:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=d:\unbrauchbar\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | 
"UDP Query User{D90750AA-0334-41C8-803E-8DFE7AA4D97D}D:\aiw-client\iw4mpold.exe" = protocol=17 | dir=in | app=d:\aiw-client\iw4mpold.exe | 
"UDP Query User{D931C4D5-9C2D-46DF-910C-6E9A1035B903}D:\spiele\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\spiele\borderlands\binaries\borderlands.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2BF35D84-6377-4F70-9F39-97CF67E67FFF}" = Microsoft IntelliPoint 8.0
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{446EE0D9-1F6B-42BF-8278-8D0B172BA15D}" = Microsoft IntelliType Pro 8.1
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F29F195-B11C-3EAD-B883-997BB29DFA17}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{ECDF0939-A653-44D0-8B8E-597B890F45EC}" = Logitech Gaming Software 5.02
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.15.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08C065AD-FF57-4422-AB5F-4B6B000B7696}" = S4 League_EU
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2649AD59-23CF-4862-93F1-3AAE27F646A7}" = S4 League_EU
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}" = dLAN Cockpit
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C6A0FD8A-F107-44CA-AA1B-49341936F76A}" = Canyon USB2.0 PC Camera(0050.2009.1224.3006)
"{CF9041ED-60C9-36ED-9DB9-F55AAD993865}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7382773-CBE8-33A9-862E-C2337CD0F359}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{EB3C9064-9140-4279-9E51-965119402151}" = Plantronics® GameCom 780 Software for Dolby® Headphone
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BrickForce" = BrickForce 1.9.87
"CloneDVD2" = CloneDVD2
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX-Setup
"dlancockpit" = devolo dLAN Cockpit
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dlanwlancfg" = devolo dLAN Wireless extender Konfiguration
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Notepad++" = Notepad++
"Origin" = Origin
"PlayChess" = PlayChess 
"PunkBusterSvc" = PunkBuster Services
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Resident Evil 4_is1" = Resident Evil 4 1.10
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam App 10090" = Call of Duty: World at War
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 113200" = The Binding Of Isaac
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 40800" = Super Meat Boy
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42910" = Magicka
"Steam App 48000" = LIMBO
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 57400" = Batman: Arkham City™
"Steam App 620" = Portal 2
"Steam App 65300" = Dustforce
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Sudden Strike II" = Sudden Strike II
"Trusted Software Assistant_is1" = File Type Assistant
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR
"Worms Reloaded Full-Rip" = Worms Reloaded Full-Rip 1.0
"Worms Reloaded_is1" = Worms Reloaded
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3772474302-332197646-2498302637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"soe-PlanetSide 2 PSG" = PlanetSide 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2013 08:40:18 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm PlanetSide2.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1c20    Startzeit:
 01ce0c3ee6343a9e    Endzeit: 444    Anwendungspfad: H:\planetside2\PlanetSide2.exe    Berichts-ID:
   
 
Error - 16.02.2013 11:34:59 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm PlanetSide2.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 2d8    Startzeit: 
01ce0c4c573b1f4e    Endzeit: 4827    Anwendungspfad: H:\planetside2\PlanetSide2.exe    Berichts-ID:
   
 
Error - 17.02.2013 13:19:40 | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = Programm Skype.exe, Version 6.1.0.129 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10f0    Startzeit:
 01ce0b6927861f76    Endzeit: 448    Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:
   
 
Error - 17.02.2013 13:52:15 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.02.2013 14:23:02 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.02.2013 15:34:14 | Computer Name = Timo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00005c0b  ID des fehlerhaften Prozesses:
 0x1334  Startzeit der fehlerhaften Anwendung: 0x01ce0d45c1fc0650  Pfad der fehlerhaften
 Anwendung: C:\ComboFix\dumphive.3XE  Pfad des fehlerhaften Moduls: C:\ComboFix\dumphive.3XE
Berichtskennung:
 028601f6-7939-11e2-84de-bcaec51fc960
 
Error - 17.02.2013 16:14:08 | Computer Name = Timo-PC | Source = DUMeterSvc | ID = 0
Description = 
 
Error - 17.02.2013 16:19:16 | Computer Name = Timo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: dumphive.3XE, Version: 0.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00005c0b  ID des fehlerhaften Prozesses:
 0x1e64  Startzeit der fehlerhaften Anwendung: 0x01ce0d4c0d69ca14  Pfad der fehlerhaften
 Anwendung: C:\ComboFix\dumphive.3XE  Pfad des fehlerhaften Moduls: C:\ComboFix\dumphive.3XE
Berichtskennung:
 4d2dcb3b-793f-11e2-b92b-bcaec51fc960
 
Error - 17.02.2013 16:39:43 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.02.2013 06:53:08 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.02.2013 05:53:13 | Computer Name = Timo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ NetLimiter 3 Events ]
Error - 20.04.2011 16:48:33 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 22.04.2011 08:22:28 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 26.04.2011 09:01:16 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 27.04.2011 04:26:07 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 27.04.2011 17:52:33 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 28.04.2011 04:52:28 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 28.04.2011 14:20:32 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 29.04.2011 05:15:18 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 30.04.2011 06:41:35 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
Error - 30.04.2011 07:38:00 | Computer Name = Timo-PC | Source = NetLimiter 3 Service | ID = 1000
Description = 
 
[ System Events ]
Error - 03.04.2013 10:53:45 | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 03.04.2013 14:26:00 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?04.?2013 um 20:24:41 unerwartet heruntergefahren.
 
Error - 04.04.2013 06:49:50 | Computer Name = Timo-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 05.04.2013 08:47:35 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 14:44:30 unerwartet heruntergefahren.
 
Error - 05.04.2013 09:19:21 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:10:35 unerwartet heruntergefahren.
 
Error - 05.04.2013 09:26:27 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:23:22 unerwartet heruntergefahren.
 
Error - 05.04.2013 12:35:03 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?04.?2013 um 15:28:27 unerwartet heruntergefahren.
 
Error - 05.04.2013 19:59:42 | Computer Name = Timo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 05.04.2013 19:59:42 | Computer Name = Timo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 06.04.2013 09:26:43 | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?04.?2013 um 15:25:08 unerwartet heruntergefahren.
 
 
< End of report >

--- --- ---

cosinus · 10.04.2013, 21:15

Zitat:

app=f:\crack\deadspace.exe

Sry aber bei illegaler Software gibt es hier nur noch Hilfe zur Datensicherung + Neuinstallation von Windows

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials

blatant · 11.04.2013, 15:29

Das sehe ich ein aber ist da noch eine Möglichkeit mir solche Software aufzulisten (falls noch andere vorhanden ist), damit ich diese dann löschen kann?

cosinus · 12.04.2013, 09:30

Wenn du es einsiehst, warum siehst du nicht auch ein, dass wir jetzt in diesem Fall nur noch Hilfe zur Datenrettung und Neuinstallation von Windows geben, aber keine Tipps wie man diees und jenes löscht?

blatant · 12.04.2013, 11:01

Also nehme ich an dass mir keiner sagen kann wo ich meine Illegale software finde?

12.04.2013, 09:30	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	ChatZum taucht in chrome und Internet Explorer immer als Startseite auf. Wenn du es einsiehst, warum siehst du nicht auch ein, dass wir jetzt in diesem Fall nur noch Hilfe zur Datenrettung und Neuinstallation von Windows geben, aber keine Tipps wie man diees und jenes löscht? __________________ Logfiles bitte immer in CODE-Tags posten

ChatZum taucht in chrome und Internet Explorer immer als Startseite auf.

Plagegeister aller Art und deren Bekämpfung: ChatZum taucht in chrome und Internet Explorer immer als Startseite auf.