Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Eigene E-Mail Adresse verschickt Spam Mails (https://www.trojaner-board.de/132407-eigene-e-mail-adresse-verschickt-spam-mails.html)

Stan911s 21.03.2013 12:21

Code:

OTL Extras logfile created on: 21.03.2013 11:51:11 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 67,11% Memory free
7,99 Gb Paging File | 6,62 Gb Available in Paging File | 82,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 116,08 Gb Free Space | 19,47% Space Free | Partition Type: NTFS
 
Computer Name: ANTEC300HEPP | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
"C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0013D836-C02A-4B19-BF06-8E298C8F74F3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C503BDF-74C7-421F-AFA5-4234943E0346}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0F4B1C1D-79BF-4AE7-B937-A7E1EDB1D58A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{12BA85E7-A6F9-4454-979C-15121CD7BCEE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{18709E59-E764-4B74-901C-EB207EE63B96}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3367D677-0799-4CF7-8F27-38F30673228B}" = lport=139 | protocol=6 | dir=in | app=system |
"{3937DC75-1C23-40DF-A599-F2C674F9431B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3F078DA0-8FC2-495B-BE0D-A2BB99AE6D8A}" = lport=445 | protocol=6 | dir=in | app=system |
"{406ED4DF-2105-4B53-84C0-4E488BF1FC21}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43B38B76-E996-44F2-9992-177C67F24874}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4AA5BDF5-2868-46F0-B411-B34535656353}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{536D14DE-9C9E-4C17-84A2-E4B162C5E1C8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5740E698-E8FB-4C66-8CC6-26037BBEBBE1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{625E91C4-9BFA-41C4-BF8F-D46AA383D075}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62DCAF30-6028-44D1-BF99-674F8C120CF2}" = lport=137 | protocol=17 | dir=in | app=system |
"{69D010C5-9092-452C-8A85-0A92D4459B53}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{834962D4-DD61-47CE-8B64-D27B4E7704A6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{842F7EEE-7243-4C1D-8417-657794DF64E0}" = rport=139 | protocol=6 | dir=out | app=system |
"{99983770-0FBD-427E-A331-CAACA708A4BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1A89E98-BB5C-4299-8253-1174D5A67F6B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A8240828-030A-428F-BF91-39D5D904A058}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9677D7B-FEBE-42CB-884E-96C80898C621}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B0FD3B57-C946-4B36-AE70-639086A0CCF0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B131D8EA-3089-45EC-B5F7-16E2A33DA1AA}" = lport=138 | protocol=17 | dir=in | app=system |
"{B6F5AE3A-6E44-42E3-BC5B-6AC15BF46E1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{CAB0CE25-D776-4FDF-B57B-9A568FA4DC00}" = rport=137 | protocol=17 | dir=out | app=system |
"{CBA074C0-B94E-49B6-ADFD-2D496828D2FE}" = rport=445 | protocol=6 | dir=out | app=system |
"{CDABCC89-F6DF-4492-8094-D0D8DC510552}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4E8FBC4-187D-4095-926D-4B3B9E901197}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCA758F9-E3D3-4BD7-9C58-43B000C76C8F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DD109C23-8323-4C1A-8D5E-D87000882448}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E374FCBB-F35A-41E3-86B6-1DD11FCF6610}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7C877E3-8F96-408D-AB94-A7AD5349DAD8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C3684F-2ED9-49E0-AE99-5F078D54529E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{036A7596-4EC8-41F9-8334-9FF357FEBE06}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{06BD8C2B-A174-4395-861D-62D20104C635}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{07EC9B29-E14D-4A79-9AFF-C02A9A044C86}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{0AA57A33-FED3-4EE4-8A62-967468EB2710}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C1B4ACD-67E4-4967-8C17-51FB1F8A305F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\counter-strike source\hl2.exe |
"{0CA3B0B2-E54F-4478-86E9-C24FD84971A3}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{0EE60490-1F69-499C-806C-7CF9F45918A8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{10A092AC-8949-4BC9-A763-5CE99FE2DB13}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt2\dirt2_game.exe |
"{115D42FA-7C4B-4E28-ACAA-924EFFD9AD6C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{13AD9A65-3F12-45F8-8A1F-56C04E380803}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{13DD2B6D-BD28-4DDE-B794-AEF9F0B8C541}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{1424524F-195B-4F5B-A6E0-9C6D481A2CA5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{16E418A1-D9EE-4043-BF47-EEF5A7B3B37F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{1824DB38-C00B-4379-B060-74998C56B52C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D1C270E-CBFB-4A73-B909-91ED4BC746F3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{1F95DC4A-3A95-4E91-841D-43012A6F5946}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{1FEBA6F0-9D6F-4FFF-A54E-80BD88CE802F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\counter-strike source\hl2.exe |
"{224583FA-92DF-4431-91A6-CD02312C96CE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22E6FBC8-FD65-4985-B528-DD99217FBDE3}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe |
"{2A42D038-4B2D-4EC9-93A3-1C96764AB03E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{2E3F6B66-F4D7-4475-96F1-5805FA2E437B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\counter-strike source\hl2.exe |
"{334B9A85-B0A3-4A57-8289-847B1CF50E63}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{33A34AF6-BA3B-4EC3-A2F7-975A998330A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{358B10F3-312A-4866-8EB1-C2E9E5176DA1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{35E27932-F19D-42BD-B238-6C176DBD0BAF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{37C2E75C-D987-4779-BB8E-A41F8E834579}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{38537EDE-EEB0-414D-B011-275FAF67403D}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pes2012\pes2012.exe |
"{3C42E9CF-B233-402A-B6DB-9BD270C8DBF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\counter-strike source\hl2.exe |
"{410368B6-D015-4B59-8653-F9DD1FA19FE8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{43CD160B-5F0C-4BA5-A0A7-4AC691C24D4F}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe |
"{4AA18AFD-EA58-4DD9-9977-1B5E0CAA43A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{4C7A7278-0E8A-498E-AA54-50F545827A31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{4C8CD7D4-0F29-4853-9A89-704F48F50410}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4D78B7C2-A4B4-494B-9DC2-587C0DE7A6F7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DFF0D4D-2D94-4971-BC1B-2C2C4BD485BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{4FD4728E-2143-494E-8C7C-C39B132F2B25}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{4FEC1A7C-3B93-4D01-9060-2790ECE43CEA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5089BA5F-29B3-4AD9-A482-0FC3EBD32C6F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{50D66348-4997-4CCA-8B79-83437FD1272E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5118F8DE-E451-4694-9873-7377B1EE0C71}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5186C150-CE1D-4B26-ADB1-50627FFAD78B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{545BC8D2-7459-47AD-A8DD-84486FB5C89D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\opposing force\hl.exe |
"{56E76DD3-5851-44FD-8763-FE4108488C81}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{5A400593-1181-4F54-A554-8F403431ED50}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{60387DDC-77D4-420A-B954-0FC7A94F1800}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{62156C6B-8253-492F-B7D2-5F30456C538E}" = protocol=6 | dir=out | app=system |
"{626BE5D9-A8B5-4372-99E8-3482A9B2D2DC}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{668C3EB9-042D-48B5-82BD-D7BE8B65DBB7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68850810-E14B-4D95-81B4-A85DD51DF907}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{69F196A6-E4AF-4A71-8957-07C431C81A5D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\day of defeat source\hl2.exe |
"{69F51A0E-6A28-46CD-9E23-D2A3B5605A11}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{6B158DA7-ED33-4693-AB8C-73BA67627796}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{6CC2D0A8-8B61-46EE-BEEA-7C440ECB4B00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6FBADC81-FE6E-4EEE-822B-081E8ABC5C8F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{70395540-C403-4967-84BB-B784442F741F}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{716623C6-9C66-455D-9FD1-91046A80AB8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{718B356D-9580-45FF-B66C-7DC71DE0A19D}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{719954B5-2D9E-4366-A2C4-4C514CD4643C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\day of defeat source\hl2.exe |
"{74F2175D-BCBB-4DF3-87B1-118FE43183D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{79DC1B89-3216-4341-95EB-73D92E02B938}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{845B4118-FA03-4FEE-83CF-A7D464019C50}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"{8546E9CE-746D-4705-B125-6AC5E5B7AB2B}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{886EC7A6-A907-4568-8BEC-E99169EB9915}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{88ABACFC-F2A0-4157-ABFE-DD64736E9F55}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{88AFDB74-D3B8-4AA9-A299-805C502A48EF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{89F67524-6AB6-493A-BA34-D92156DB0B90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A590167-9044-4370-9EB3-787EC17C72B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{8D043C7C-913A-4B64-BC5F-DFE39ECD18B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{8D650472-8ED4-4C1F-8653-3140E58AD49D}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8D8939C7-01CF-443B-B930-911B6732EA2F}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt2\dirt2_game.exe |
"{8DA3B288-E162-4CE0-BB55-9FA2D045CBA5}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{9279BA4C-661A-4B9D-9BE9-68318001BF17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\day of defeat source\hl2.exe |
"{94013E5D-E222-4D05-BC1C-40D1EA910D85}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{98115B20-FB84-42F7-AB81-100171217633}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\opposing force\hl.exe |
"{984C410D-7C07-436D-BC73-B536879727AE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\half-life source\hl2.exe |
"{9B2DF76E-6D23-467F-927A-04FF1EF81C24}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A22A7415-7697-48A0-B59A-387E35A401D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\half-life source\hl2.exe |
"{A279DBB5-D2F6-46C3-A555-5123E18DE2E8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A483895F-9A03-4ECE-BFE4-81C4E035256D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9647468-A04A-4748-B998-5D60C031FD4C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AB08F046-AE68-41D7-BAC8-3703CC7DE4DA}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pes2012\pes2012.exe |
"{AB4E5348-1AB0-4715-ACD6-B3E1C28446A0}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{AB56F9F1-4168-4DB1-BDF6-55E0BC72E8CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B091E51D-0217-483C-812F-0F3A5E05F477}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{B1DD67B8-E847-41CE-9E9E-3B8888AC20E3}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{B1FE11CC-FD32-4E9A-8BFD-0C2E0B5FBF42}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B4D7F3C7-4AF8-4062-B816-276FA62E07FF}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2.exe |
"{B51C9EDF-2BE0-4289-921F-F4C17D2456C2}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe |
"{BB8F8D7A-A718-4983-A507-8C0E431A69B7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{BC2FB4D2-394D-482E-9875-AF5B9E0E9D61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{BCCEFF90-83DA-42D7-8006-CD5ACC474838}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{C0EA507E-EDB0-4471-B578-54881DF0BF9D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C6179C3E-8A3A-46C0-BE08-0B585CB813C5}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe |
"{C83B77EC-9BB5-4656-9440-0EFB37665132}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C847E147-BDFC-4DD3-AD9E-25B168F39764}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{C959F16D-29CC-4EAC-B3A9-6BB78CE2F14B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD5053E6-AA92-4DC0-A386-F526E79BEA5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D260CFD7-7B12-45FB-8316-D51530FC6685}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{DB75C26A-575B-469F-8397-15FE567DBE8D}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DC3A7D10-EDB6-4FE8-97F0-7A2DD0A6075A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD970261-12BF-4CAC-AD87-C5D26D0DEFCE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DF3E0ABA-122A-47CF-BAA9-4AA39DB74F8E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{DFEFA84B-DEDF-4D01-A57F-C3C3F1CF2576}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\day of defeat source\hl2.exe |
"{E1F91898-73CA-4336-A21F-CFD383285448}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E27D8591-FABC-4958-9966-FDF8014D59B5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{E3536B96-93BB-4A9C-9DD5-A880F52F57E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{E87A40A1-4603-4767-AEE0-B25864CBD78E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{E9887725-E883-4470-BE99-6963262A475F}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"{EE011670-BBDF-4B1E-955F-71AC8F976798}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm |
"{F3B3A367-130D-4A43-9667-F2DDCFCDD003}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F65E8811-525E-4D56-A3B7-2934DDA2190B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm |
"{FB38DACB-4EDB-45FB-8C9B-9C924E4C4769}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2.exe |
"{FBA65FAE-F8BB-4540-8039-1623884CE424}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"TCP Query User{01018D5E-2FC3-4A3A-9966-42E78CF5BAD5}C:\program files (x86)\combat arms eu\nmservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\combat arms eu\nmservice.exe |
"TCP Query User{07521297-4ADD-48B8-BB04-D1A3F63A4BD1}C:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{1386B185-3F0A-4131-AAC7-A9806415006E}C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"TCP Query User{1F2EB63D-4D76-4EEA-B00C-5A075179987D}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{21BF3064-07D6-4740-9B30-BBFC4335756C}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{23096720-EE24-4809-B540-8F6278AD115F}C:\users\***\desktop\valve\counter strike\cstrike.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\valve\counter strike\cstrike.exe |
"TCP Query User{23830977-501F-4A60-8045-CB718A92C799}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{326C1B8D-8188-46BC-812E-862AC9F21574}C:\program files (x86)\call of duty\coduomp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty\coduomp.exe |
"TCP Query User{37959299-5690-4CE5-B27A-D5F858F08D98}C:\program files (x86)\serious sam 2\bin\sam2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\serious sam 2\bin\sam2.exe |
"TCP Query User{3815B186-F1F9-450A-B835-DACA54B69D85}C:\program files (x86)\trackmania sunrise\tmsunrise.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trackmania sunrise\tmsunrise.exe |
"TCP Query User{3866363C-99AB-4B43-A03F-31F2DE6E2122}C:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe |
"TCP Query User{3D5C3BB3-D404-48CD-BB5A-C5AAE1B69C6E}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{3E3D3EBA-2677-4FBF-A755-96B5AF99E52F}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{41756213-4BDB-4F1B-B4B9-517C804910C6}C:\program files (x86)\serious sam 2\bin\sam2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\serious sam 2\bin\sam2.exe |
"TCP Query User{4211B00C-C2B7-4285-9A70-0A5036EBB279}C:\program files (x86)\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"TCP Query User{4B47AA91-2162-495E-857F-51F0595CEDF1}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"TCP Query User{50E58163-5407-48F4-80A3-85A9169E8969}C:\users\***\downloads\tdu2downloader.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\tdu2downloader.exe |
"TCP Query User{5817C5E4-CA1D-4939-A707-15CAD4CD4E04}C:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe |
"TCP Query User{5ADA7C40-D080-4C27-90DD-D35E1782CE68}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{6148429D-AA3F-4DF1-B37E-A5376AC5F775}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{6226CB45-B692-4D05-9B9C-DA2BA74087CF}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{63845F5C-AB4D-4D79-AE0D-F4A08D725313}C:\program files (x86)\steam\steamapps\focus\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus205\half-life 2 deathmatch\hl2.exe |
"TCP Query User{65E4D8E7-92BC-4B08-BE01-78A36E9F2F23}C:\program files (x86)\empire interactive\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\empire interactive\flatout2\flatout2.exe |
"TCP Query User{6A7140D2-FAD1-41CF-A58E-A9B1979E7146}C:\users\***\desktop\counter strike\cstrike.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\counter strike\cstrike.exe |
"TCP Query User{6B199D5D-74E2-4D85-95FF-EE2A46C8AA02}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{6D5C40BE-7355-4767-BBD6-AA1CB04E8FBF}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{741C8022-E255-463C-9C9E-9B2F231A4797}C:\program files\java\jdk1.6.0_21\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_21\bin\javaw.exe |
"TCP Query User{7492577C-C7B6-4B8E-98D9-FC013B3ED556}C:\program files\java\jdk1.7.0\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0\jre\bin\java.exe |
"TCP Query User{7BCF7E3C-65BD-4AE3-B9D6-1AD81E439284}C:\program files (x86)\atari\tdu2 demo\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\testdrive2.exe |
"TCP Query User{82C332B8-F2C3-469D-BA34-9F18F9CBC849}I:\counter strike\cstrike.exe" = protocol=6 | dir=in | app=i:\counter strike\cstrike.exe |
"TCP Query User{8F3F9D8A-E8F7-448E-B054-8A65D32D1109}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe |
"TCP Query User{91A85BE7-A80F-4B3F-A03D-C56177FC63C3}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe |
"TCP Query User{95F5B439-9776-408A-B44E-1BB390356812}C:\program files (x86)\ubisoft\xiii\system\xiii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\xiii\system\xiii.exe |
"TCP Query User{97D9ECF5-DBBF-4375-8B3A-6CE587AA8276}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |
"TCP Query User{9B2F36E6-2F31-4519-91E5-B217A99568AA}C:\program files (x86)\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\program files (x86)\combat arms eu\engine.exe |
"TCP Query User{9D96641A-FE45-48F0-801F-090251F73F5C}C:\program files (x86)\jlc's software\internet tv\internet tv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jlc's software\internet tv\internet tv.exe |
"TCP Query User{9EBE77BE-A79B-4730-AD80-7D36AC478BDE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{A2872A12-74D3-4885-9748-0565F1AC06E7}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe |
"TCP Query User{A335B311-77F6-4DF3-8409-E053B3F9BFE6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{A4B8C6EA-4652-49DA-ACB5-69FBB7C5C94E}C:\users\***\desktop\tdu2downloader.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\tdu2downloader.exe |
"TCP Query User{A51032F1-036E-487B-946A-CF71CC01609A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{A8B7B789-46C5-4F19-BE7A-04A741BFAF58}C:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe |
"TCP Query User{AAA02052-15DA-4A89-AAC5-B7EC76B28727}C:\program files (x86)\steam\steamapps\focus205\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus205\team fortress 2\hl2.exe |
"TCP Query User{B5B46EFE-CF15-41D2-B93E-FCB373FFED06}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{BAC265D8-1434-4A9C-AFC6-0958E418839E}C:\program files (x86)\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"TCP Query User{C34DB9BC-A536-4526-82B9-0DC1E6073392}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"TCP Query User{CC810D6E-729E-43BD-87AB-ECB67DDF82FC}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe |
"TCP Query User{D2B01B6C-B128-4BA9-9918-8064F163F5E5}C:\program files\java\jdk1.6.0_21\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_21\jre\bin\java.exe |
"TCP Query User{D2BE60AE-E26A-4D55-9FB2-04C942D835DC}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{D5D46CEA-4645-41A7-A7C5-90ED7F4EF1DA}C:\program files (x86)\atari\tdu2 demo\_uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\_uplauncher.exe |
"TCP Query User{E0FFB365-3683-46F4-94B9-1FE1D2931569}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{E973590C-11CA-40FF-A2D0-500F335243A3}C:\program files (x86)\microsoft games\midtown madness 2 trial\mm2trial.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\midtown madness 2 trial\mm2trial.exe |
"TCP Query User{ECB6959B-04C4-4635-B597-54F1E6952585}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{EF27523D-1BBD-44CB-ACE4-686DA7FFFE08}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"TCP Query User{EF65825F-8179-489B-8F2A-1BFBCAE75573}C:\program files (x86)\codemasters\dirt\dirt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt\dirt.exe |
"TCP Query User{F224AB33-3624-47F4-BE42-EBFFFC4A7641}C:\program files (x86)\ea games\battlefield 2sf\bf2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2sf\bf2.exe |
"TCP Query User{F2A174A5-29C8-4711-B4DA-454DB61098DA}C:\program files (x86)\atari\tdu2 demo\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\uplauncher.exe |
"TCP Query User{F31D3E06-885B-4ADA-808B-5A156F67716D}C:\program files (x86)\steam\steamapps\focus205\half-life blue shift\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\focus205\half-life blue shift\hl.exe |
"TCP Query User{FA96C091-A9E4-43C8-A971-CABF2613256C}F:\backups\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=f:\backups\ea games\battlefield 2\bf2.exe |
"TCP Query User{FC9FB788-B4E0-4ACD-838A-CB10FDEA3F81}C:\program files\java\jdk1.7.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0\bin\javaw.exe |
"TCP Query User{FF41BFB8-16DF-4EA2-A692-2FC66F311985}C:\users\***\desktop\bildschirm\2. bildschirm\valve\counter strike\cstrike.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\bildschirm\2. bildschirm\valve\counter strike\cstrike.exe |
"TCP Query User{FFDB8F83-893F-4D12-9880-D6CAF519D50A}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{08D6C225-FDB5-4619-A364-F95573ECBDD3}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{08ED1E7F-7BA5-42C5-BF94-42A27B77B662}C:\program files (x86)\serious sam 2\bin\sam2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\serious sam 2\bin\sam2.exe |
"UDP Query User{10B9FAB1-C97F-4808-A718-7B476056F570}C:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma ii\arma2oa.exe |
"UDP Query User{17A648EE-0FF7-4CAF-825F-CEA7D0EF181C}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{1FBC41A2-B9AE-4370-93F0-922247F67800}C:\program files (x86)\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"UDP Query User{22452A10-5B12-4B17-A4CE-80BEBCEB5365}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{27B9D740-9423-4B64-8C1B-D923AB4A167C}C:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe |
"UDP Query User{2CFDC443-6DD3-4AFE-89E9-5634966BF5A2}C:\program files\java\jdk1.7.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0\bin\javaw.exe |
"UDP Query User{308EC291-DD18-4E99-BF4D-D939411E7F77}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{3B9C7586-B2D8-498C-BD43-DA8D82055F6F}C:\program files (x86)\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\program files (x86)\combat arms eu\engine.exe |
"UDP Query User{3DF94342-1F29-4EFE-8E74-2715BA22D214}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{445BF18E-3B45-42A2-A4C2-3F900F76575A}C:\program files (x86)\microsoft games\midtown madness 2 trial\mm2trial.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\midtown madness 2 trial\mm2trial.exe |
"UDP Query User{45473087-E665-47C6-9FCF-39CC6EAAB7DC}C:\users\***\desktop\tdu2downloader.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\tdu2downloader.exe |
"UDP Query User{4559B77C-8DE4-4E10-8165-8CEFE392831D}I:\counter strike\cstrike.exe" = protocol=17 | dir=in | app=i:\counter strike\cstrike.exe |
"UDP Query User{464358ED-AEC1-41F5-A1B7-E9F77CF6CF8A}C:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe |
"UDP Query User{4BA2A23F-2484-42B3-90BD-99E628259E6C}C:\users\***\desktop\counter strike\cstrike.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\counter strike\cstrike.exe |
"UDP Query User{4BAFB628-44E2-45D1-8C80-4B5264033CEC}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{4BFC363B-1581-4AAD-9949-4D328EED87B5}C:\program files (x86)\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"UDP Query User{51931157-BC3B-4296-AF44-DAF862B3D370}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{52D6054E-B855-4FF2-8289-DB28C97B0691}C:\users\***\desktop\bildschirm\2. bildschirm\valve\counter strike\cstrike.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\bildschirm\2. bildschirm\valve\counter strike\cstrike.exe |
"UDP Query User{5493F433-1772-408E-B79C-276482CCF318}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{57DD0CB8-6A1D-447D-AB76-96B13D60F87E}C:\program files\java\jdk1.6.0_21\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_21\bin\javaw.exe |
"UDP Query User{659AB9E9-A3F9-46EA-81B8-507C3482E94A}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{66385734-92FD-4F15-855C-29174BC34D50}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{6EA7DCA0-EBB5-4179-92EB-5899146DF179}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe |
"UDP Query User{6EDFA280-563C-40C0-BBD9-800B41332D2B}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |
"UDP Query User{71A3D088-1F84-448E-BDFE-E5D364D926AD}C:\program files (x86)\combat arms eu\nmservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\combat arms eu\nmservice.exe |
"UDP Query User{7470641B-8D96-4646-B41F-26813D6905F7}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe |
"UDP Query User{74C6DDF6-45D3-4953-854A-253B306812DE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{767EC00F-2AD1-45C1-972A-47A666D3B143}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{7B7B65FB-328F-4E27-9055-0A47B6A7725F}C:\users\***\desktop\valve\counter strike\cstrike.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\valve\counter strike\cstrike.exe |
"UDP Query User{80D0CD84-471F-4E20-B048-18F752826461}C:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{858411FB-F46C-4395-BA37-9B8964FE4835}F:\backups\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=f:\backups\ea games\battlefield 2\bf2.exe |
"UDP Query User{8639328C-FE70-449D-8070-0695DF488C4B}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{8642066D-6010-4FDA-8FFC-53358C9BE4CD}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{8DB47D90-1F2C-434C-BBF4-79A25D277D2F}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{900236F6-F45B-463E-980F-764965182196}C:\program files (x86)\call of duty\coduomp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty\coduomp.exe |
"UDP Query User{915F94E5-33C2-4BCF-AE4C-A3D2D021EE25}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{942C8516-DED4-49DD-8597-85A242258FE6}C:\program files (x86)\serious sam 2\bin\sam2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\serious sam 2\bin\sam2.exe |
"UDP Query User{95908626-E85F-4B82-ADC5-FDD30C4EC26D}C:\program files (x86)\steam\steamapps\focus\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\half-life 2 deathmatch\hl2.exe |
"UDP Query User{9B573D74-674E-4855-B735-0009541E3A39}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"UDP Query User{9D5298E8-2C26-4CB0-A4B1-3CA0D783A564}C:\program files (x86)\codemasters\dirt\dirt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt\dirt.exe |
"UDP Query User{9F713779-BA47-4717-9FD4-65F986261E8C}C:\program files (x86)\empire interactive\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\empire interactive\flatout2\flatout2.exe |
"UDP Query User{A1961634-A535-48F7-A45D-8797A2858CD0}C:\program files (x86)\jlc's software\internet tv\internet tv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jlc's software\internet tv\internet tv.exe |
"UDP Query User{A65841FF-AC4B-42A9-B5A9-761CCACFC0D7}C:\program files (x86)\steam\steamapps\focus\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\team fortress 2\hl2.exe |
"UDP Query User{A6996DFD-322E-4D0C-919E-B57D1C69D960}C:\program files (x86)\steam\steamapps\focus\half-life blue shift\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\focus\half-life blue shift\hl.exe |
"UDP Query User{A9670980-D062-4ACA-999F-79728205174C}C:\program files (x86)\atari\tdu2 demo\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\uplauncher.exe |
"UDP Query User{ACAB6B12-88AF-4D54-9EEC-AB40F986DE50}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{BA6AEAC0-3BDE-4C09-BFA4-61D9691778A4}C:\users\***\downloads\tdu2downloader.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\tdu2downloader.exe |
"UDP Query User{BD9E3986-4874-40A8-B6BD-56795A900FCF}C:\program files (x86)\atari\tdu2 demo\_uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\_uplauncher.exe |
"UDP Query User{C1552090-83AD-4D0A-8882-994896D01884}C:\program files\java\jdk1.7.0\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0\jre\bin\java.exe |
"UDP Query User{C7BFC504-F0A9-4788-8A11-666B79C04A78}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{CA41ECB1-7D1F-4B2D-BE2C-0807601E3358}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"UDP Query User{CE41BB0F-A2E4-4978-8958-90FC3A2D7A18}C:\program files (x86)\ea games\battlefield 2sf\bf2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2sf\bf2.exe |
"UDP Query User{D285B30D-510C-4E86-BE41-C28C12E0205B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{D8D9E955-B026-4515-9B95-411473D453A1}C:\program files (x86)\ubisoft\xiii\system\xiii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\xiii\system\xiii.exe |
"UDP Query User{DD6CD4E6-B696-4FA3-8EC3-F1B10695A9EE}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{F6D30262-B0C3-4343-B99E-CDE857848331}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe |
"UDP Query User{F6DA7623-73CC-4E99-B276-21D26580E21D}C:\program files (x86)\trackmania sunrise\tmsunrise.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trackmania sunrise\tmsunrise.exe |
"UDP Query User{F7ABAD20-265B-4788-BB04-B6AD616CA4D2}C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"UDP Query User{FA529AE9-F447-4EEF-9A66-C29AA350B185}C:\program files (x86)\atari\tdu2 demo\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2 demo\testdrive2.exe |
"UDP Query User{FB23D023-91D4-4C30-9990-62E4C2DD5DB2}C:\program files\java\jdk1.6.0_21\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_21\jre\bin\java.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2CA3495A-46E9-4E03-866F-8B9B0AD177CA}" = Microsoft Camera Codec Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}" = WMV9/VC-1 Video Playback
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"C-Media Oxygen HD Audio Driver" = ASUS Xonar DG Audio Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"SP6" = Logitech SetPoint 6.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 - Königsedition
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42BC0474-6E50-464A-8183-5E3D32E41B1B}" = XIII
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}" = FlatOut
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = NFS Underground
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AC056D10-E6C0-4085-BAD6-EEBB5EC76D66}" = Pro Evolution Soccer 4
"{AC696733-F8C5-4EAD-B165-AC8AB8C2A755}" = TTS_Technology
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{CC23FF9A-989C-4DEB-8970-50E6E4862315}" = EOSInfo
"{CD27A577-BD77-481D-9E07-314AE9059A77}" = bcTester 4.9 (de)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ArmA 2" = ArmA 2 Uninstall
"Arma 2 Army of The Czech Republic (LITE)" = Arma 2 Army of The Czech Republic (LITE) Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye" = BattlEye Uninstall
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Designer 2.0_is1" = Designer 2.0
"DivX Setup" = DivX-Setup
"DPP" = Canon Utilities Digital Photo Professional 3.8
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FastStone Image Viewer" = FastStone Image Viewer 4.4
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"Fraps" = Fraps (remove only)
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AC056D10-E6C0-4085-BAD6-EEBB5EC76D66}" = Pro Evolution Soccer 4
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"IrfanView" = IrfanView (remove only)
"Mafia" = Mafia
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"OpenAL" = OpenAL
"Origin" = Origin
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PixelNet Software" = PixelNet Software 4.12.1
"PROHYBRIDR" = 2007 Microsoft Office system
"PunkBusterSvc" = PunkBuster Services
"Samsung ML-371x Series" = Samsung ML-371x Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"SeriousSam2" = Serious Sam 2
"SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC" = Microsoft Flight Simulator X Service Pack 1
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 130" = Half-Life: Blue Shift
"Steam App 211500" = RaceRoom Racing Experience
"Steam App 218230" = PlanetSide 2
"Steam App 240" = Counter-Strike: Source
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 24980" = Mass Effect 2
"Steam App 280" = Half-Life: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 400" = Portal
"Steam App 50" = Half-Life: Opposing Force
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 8190" = Just Cause 2
"Steam App 9930" = Test Drive Unlimited 2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TIPP10_is1" = TIPP10 Version 2.1.0
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"TmSunrise_is1" = TrackMania Sunrise
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.7
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ OSession Events ]
Error - 26.04.2012 12:52:08 | Computer Name = ANTEC300HEPP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4082
 seconds with 480 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 21.03.2013 06:42:20 | Computer Name = ANTEC300HEPP | Source = Application Popup | ID = 875
Description = Treiber sfsync02.sys konnte nicht geladen werden.
 
Error - 21.03.2013 06:42:38 | Computer Name = ANTEC300HEPP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%3
 
Error - 21.03.2013 06:42:41 | Computer Name = ANTEC300HEPP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 21.03.2013 06:43:01 | Computer Name = ANTEC300HEPP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  sfsync02
 
Error - 21.03.2013 06:46:21 | Computer Name = ANTEC300HEPP | Source = Application Popup | ID = 875
Description = Treiber sfsync02.sys konnte nicht geladen werden.
 
Error - 21.03.2013 06:46:40 | Computer Name = ANTEC300HEPP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%3
 
Error - 21.03.2013 06:46:40 | Computer Name = ANTEC300HEPP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 21.03.2013 06:47:00 | Computer Name = ANTEC300HEPP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  sfsync02
 
 
< End of report >


cosinus 21.03.2013 16:15

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Stan911s 21.03.2013 22:27

Einmal Malwarebytes...
Code:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.21.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ANTEC300HEPP [Administrator]

21.03.2013 19:51:31
mbam-log-2013-03-21 (19-51-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216751
Laufzeit: 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

... und ESET.

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=119cb47baa81c04f8c98c07fee0252db
# engine=13449
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-21 09:14:35
# local_time=2013-03-21 10:14:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 917869 100437331 976285 0
# compatibility_mode=5893 16776573 100 94 374812 115530325 0 0
# scanned=474530
# found=0
# cleaned=0
# scan_time=8175


cosinus 22.03.2013 12:40

Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Stan911s 22.03.2013 14:02

Zitat:

Zitat von cosinus (Beitrag 1033099)
Sieht soweit ok aus :daumenhoc

Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Klasse, ein großes Dankeschön an Dich Cosinus! Ich kann das Forum nur weiter empfehlen, alles wirkt gut strukturiert und die Anweisungen sind unmissverständlich. :daumenhoc
Danke an den Tip mit den Cookies, da ich mich ohnehin immer auslogge sollte ich das mal berücksichtigen.
Ansonsten habe ich keine weiteren Funde - falls doch melde ich mich hier. :)

cosinus 22.03.2013 14:43

Dann wären wir durch! :daumenhoc

Die Programme, die hier zum Einsatz kamen, können alle wieder runter.

Combofix entfernen (nur relevant wenn es hier benutzt wurde!) : Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen

Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.

Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken.


Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

Stan911s 22.03.2013 15:42

Ich kann mich nur wiederholen, danke Dir! Die Hinweise werd' ich mir in Ruhe mal ansehen. ;)


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132