Log analysis and evaluation: firewall blocks explorer.exe | Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
14.05.2010, 11:18 | #1 |
| firewall blocks explorer.exe
I find it rather bizarre that the Windows Firewall is blocking explorer.exe. For now I have let it "keep blocking", but I was surprised that the desktop icons are still there. I think I have a virus and would therefore like to know whether anything suspicious can be seen:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:41, on 14.05.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Human\Documents\Vista Anti-Lag\val.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Human\Downloads\HJT\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\sdra64.exe,C:\Users\Human\AppData\Roaming\sdra64.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Remote Connections Service (FlexService) - BitMicro Software Corporation - C:\Program Files\RapidBIT\cisvc.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe

--
End of file - 8397 bytes
14.05.2010, 14:06 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | firewall blocks explorer.exe
Hello and
please run a full scan with Malwarebytes and post the log. After that, OTL:
System scan with OTL
Please download OTL by OldTimer and save it to your desktop
14.05.2010, 21:03 | #3 |
| firewall blocks explorer.exe
Hello,
I ran a malware scan as described and got 1 log file, after which I had to reboot; however, I could swear that before the reboot, everywhere it now says "no actions taken", there were different things such as "quarantined and deleted".
Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4101

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

14.05.2010 21:04:00
mbam-log-2010-05-14 (21-04-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 518830
Laufzeit: 2 Stunde(n), 22 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 5
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\config\systemprofile\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\config\systemprofile\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\users\human\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\sdra64.exe,C:\Users\Human\AppData\Roaming\sdra64.exe,) Good: (Userinit.exe) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\pdfupd.exe (Spyware.Zbot) -> No action taken.
C:\Program Files\QIP\Users\*******\RcvdFiles\*******\Hammerfight\Hammerfight\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Program Files\QIP\Users\*******\RcvdFiles\*******\Hammerfight\Hammerfight\hf\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Users\Human\Downloads\Hammerfight\Uninstall.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> No action taken.
C:\Users\Human\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> No action taken.

Code:
OTL logfile created on: 14.05.2010 21:29:04 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Human\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451,11 Gb Total Space | 42,53 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive D: | 14,63 Gb Total Space | 9,34 Gb Free Space | 63,86% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KYOTO-SHI
Current User Name: Human
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Human\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\RapidBIT\cidaemon.exe (BitMicro Software Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wisptis.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

========== Modules (SafeList) ==========

MOD - C:\Users\Human\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Program Files\Logitech\SetPoint\GameHook.dll (Logitech, Inc.)
MOD - C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (NMIndexingService) -- File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DAUpdaterSvc) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (FlexService) -- C:\Program Files\RapidBIT\cisvc.exe (BitMicro Software Corporation)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (camfilt2) -- C:\Windows\System32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WacomVKHid) -- C:\Windows\System32\drivers\WacomVKHid.sys (Wacom Technology)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (RTCore32) -- C:\Users\Human\Downloads\rmclock_235_bin\RTCore32.sys ()
DRV - (rt2500usb) DWL-G122(rev.B) -- C:\Windows\System32\drivers\rt2500usb.sys (Ralink Technology Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "LEO de<->en"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..keyword.URL: "hxxp://search.qip.ru/search?from=FF&query="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.04 11:12:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.04 11:12:03 | 000,000,000 | ---D | M]

[2008.07.19 15:31:45 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Extensions
[2010.05.14 11:29:59 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions
[2010.02.11 14:31:59 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010.04.30 16:17:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.08.11 11:36:57 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\battlefieldheroespatcher@ea.com
[2009.02.24 13:37:20 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\FFClickOnce@softwarepunk.com
[2010.03.10 22:26:21 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\firefox@tvunetworks.com
[2010.03.12 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\youtube2mp3@mondayx.de
[2010.05.07 22:33:23 | 000,002,008 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\leo-de-en.xml
[2010.05.07 22:33:22 | 000,002,298 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\leo-fr-de.xml
[2008.07.18 09:59:10 | 000,001,935 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\megadownload.xml
[2009.01.26 15:19:23 | 000,001,330 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\wikipedia-en.xml
[2010.05.14 11:29:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.02.22 14:42:10 | 000,390,512 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npoctoshape.dll
[2010.03.14 18:58:56 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 18:58:56 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.14 18:58:57 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.14 18:58:57 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.14 18:58:57 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Human\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Human\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9215c21b-c03d-11dc-865d-001195e64caf}\Shell - "" = AutoRun
O33 - MountPoints2\{9215c21b-c03d-11dc-865d-001195e64caf}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{dbc3e181-70cc-11de-a42c-001195e64caf}\Shell - "" = AutoRun
O33 - MountPoints2\{dbc3e181-70cc-11de-a42c-001195e64caf}\Shell\AutoRun\command - "" = E:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.14 18:39:03 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\Malwarebytes
[2010.05.14 18:38:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.14 18:38:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.14 18:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.14 18:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.14 18:34:17 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Human\Desktop\OTL.exe
[2010.05.14 11:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Human\AppData\Roaming\lowsec
[2010.05.12 18:50:34 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\LolClient
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Users\Human\Documents\StarCraft II Beta
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Local\Blizzard Entertainment
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.05.09 16:06:32 | 000,000,000 | ---D | C] -- C:\Users\Human\Desktop\versions
[2010.05.09 13:56:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2010.05.08 13:29:24 | 000,000,000 | ---D | C] -- C:\Users\Human\Documents\GTA San Andreas User Files
[2010.05.07 22:52:38 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.05.07 14:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft 2
[2010.05.04 19:51:21 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\TS3Client
[2010.05.04 19:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.05.03 20:52:04 | 000,000,000 | ---D | C] -- C:\hsperfdata_KYOTO-SHI$
[2010.05.02 09:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\RapidBIT
[2010.04.24 12:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Gamehouse
[2010.04.24 11:34:11 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\Octoshape
[2010.04.23 20:59:22 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\PopCapv1002
[2010.04.23 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\PopCapv1005eni
[2010.04.23 14:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Popcap Game Collection
[2009.09.20 20:57:34 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2009.09.20 20:57:31 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.14 21:30:04 | 004,718,592 | -HS- | M] () -- C:\Users\Human\ntuser.dat
[2010.05.14 21:20:04 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.05.14 21:20:04 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.14 21:12:04 | 000,003,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 21:12:04 | 000,003,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 21:12:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.14 21:12:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.14 21:11:58 | 3219,308,544 | -HS- | M] () -- C:\hiberfil.sys [2010.05.14 21:11:08 | 000,524,288 | -HS- | M] () -- C:\Users\Human\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010.05.14 21:11:08 | 000,065,536 | -HS- | M] () -- C:\Users\Human\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.05.14 21:10:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.05.14 21:10:33 | 006,291,456 | -H-- | M] () -- C:\Users\Human\AppData\Local\IconCache.db [2010.05.14 18:38:53 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.14 18:34:22 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Human\Desktop\OTL.exe [2010.05.13 22:39:07 | 000,042,988 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100513_203837174.html [2010.05.13 22:15:04 | 000,628,517 | ---- | M] () -- C:\Users\Human\Desktop\DSC01337.JPG [2010.05.13 01:44:09 | 004,718,592 | -HS- | M] () -- C:\Users\Human\ntuser.dat_previous [2010.05.13 01:20:23 | 000,524,288 | ---- | M] () -- C:\TMP0000006A0149CEE44DEE1C88 [2010.05.11 22:54:26 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100511_205422923.html [2010.05.11 19:14:22 | 000,459,851 | ---- | M] () -- C:\Users\Human\Desktop\DSC00412.JPG [2010.05.10 23:02:06 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100510_210205375.html [2010.05.10 22:14:21 | 000,030,909 | ---- | M] () -- C:\Users\Human\Documents\AIDS.odt [2010.05.09 22:36:10 | 000,042,756 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100509_203608294.html [2010.05.09 16:19:16 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk [2010.05.09 00:25:51 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_222550507.html [2010.05.08 23:14:11 | 000,056,272 | ---- | M] () -- 
C:\Users\Human\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.08 23:13:37 | 001,597,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.05.08 17:17:16 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_151715531.html [2010.05.08 13:34:45 | 000,001,079 | ---- | M] () -- C:\Users\Human\Desktop\samp.lnk [2010.05.08 13:29:15 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2010.05.07 23:25:08 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_212507117.html [2010.05.07 22:52:38 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.05.07 16:14:29 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_141427563.html [2010.05.06 23:08:46 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_210842870.html [2010.05.06 16:18:10 | 000,042,756 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_141809248.html [2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.05.05 22:50:54 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100505_205052745.html [2010.05.04 22:29:49 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100504_202929351.html [2010.05.04 19:51:12 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.05.04 18:36:33 | 000,001,821 | ---- | M] () -- C:\Users\Human\Desktop\motherload.lnk [2010.05.03 22:58:35 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_205834103.html [2010.05.03 14:42:58 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_124256498.html [2010.05.02 22:08:11 | 000,042,632 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100502_200803571.html [2010.05.02 09:39:52 | 000,002,180 | ---- | M] () -- C:\Users\Human\Desktop\Bookworm 
Adventures Deluxe.lnk [2010.05.02 00:05:34 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_220533281.html [2010.05.01 18:59:33 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_165932129.html [2010.05.01 11:15:09 | 000,042,624 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_091508459.html [2010.04.30 23:05:09 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_210508516.html [2010.04.30 18:28:10 | 000,042,930 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_162810041.html [2010.04.29 22:32:23 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_203221249.html [2010.04.29 17:18:01 | 000,042,988 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_151757671.html [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.04.28 22:04:55 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100428_200451616.html [2010.04.27 22:01:40 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100427_200137259.html [2010.04.27 17:09:22 | 000,387,385 | ---- | M] () -- C:\Users\Human\Desktop\DSC00396.JPG [2010.04.26 22:14:11 | 000,042,952 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100426_201359730.html [2010.04.25 22:45:11 | 000,042,924 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100425_204509599.html [2010.04.25 01:36:34 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_233632753.html [2010.04.24 14:17:19 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_121718341.html [2010.04.24 12:43:53 | 000,000,122 | ---- | M] () -- C:\Windows\popcinfo.dat [2010.04.23 22:39:38 | 000,042,996 | 
---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_203936423.html [2010.04.23 15:11:19 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_131118306.html [2010.04.23 15:00:52 | 000,000,649 | ---- | M] () -- C:\Users\Human\Desktop\Popcap Game Collection.lnk [2010.04.23 15:00:27 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\Heavy Weapon Deluxe.lnk [2010.04.22 23:24:14 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100422_212413261.html [2010.04.21 23:00:09 | 000,042,980 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_205955687.html [2010.04.21 15:11:29 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_131129040.html [2010.04.20 22:37:33 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100420_203731183.html [2010.04.19 23:33:27 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_213324366.html [2010.04.19 15:28:08 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_132807389.html [2010.04.18 22:59:52 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_205949971.html [2010.04.18 15:55:44 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_135543656.html [2010.04.18 15:36:20 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_133616024.html [2010.04.16 14:44:51 | 000,001,265 | ---- | M] () -- C:\Users\Human\Desktop\Pokesav_HGSS-ENG-Ver.0.03a_PP.org - Verknüpfung.lnk [2010.04.15 18:52:34 | 000,524,288 | ---- | M] () -- C:\Users\Human\Desktop\Pokemon_HeartGold.sav [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [13 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.14 18:38:53 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.13 22:38:33 | 000,042,988 | ---- | C] () -- 
C:\Microsoft .NET Framework 3.5-KB963707_20100513_203837174.html [2010.05.13 22:15:03 | 000,628,517 | ---- | C] () -- C:\Users\Human\Desktop\DSC01337.JPG [2010.05.13 01:20:23 | 000,524,288 | ---- | C] () -- C:\TMP0000006A0149CEE44DEE1C88 [2010.05.11 22:54:21 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100511_205422923.html [2010.05.11 21:23:32 | 000,459,851 | ---- | C] () -- C:\Users\Human\Desktop\DSC00412.JPG [2010.05.10 23:02:03 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100510_210205375.html [2010.05.10 20:06:43 | 000,030,909 | ---- | C] () -- C:\Users\Human\Documents\AIDS.odt [2010.05.09 22:36:06 | 000,042,756 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100509_203608294.html [2010.05.09 16:13:31 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk [2010.05.09 00:25:48 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_222550507.html [2010.05.08 17:17:14 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_151715531.html [2010.05.08 13:34:45 | 000,001,079 | ---- | C] () -- C:\Users\Human\Desktop\samp.lnk [2010.05.07 23:25:04 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_212507117.html [2010.05.07 22:52:38 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.05.07 16:14:26 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_141427563.html [2010.05.06 23:08:40 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_210842870.html [2010.05.06 16:18:07 | 000,042,756 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_141809248.html [2010.05.05 22:50:50 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100505_205052745.html [2010.05.04 22:29:25 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100504_202929351.html 
[2010.05.04 19:51:12 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.05.04 18:36:28 | 000,001,821 | ---- | C] () -- C:\Users\Human\Desktop\motherload.lnk [2010.05.03 22:58:31 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_205834103.html [2010.05.03 14:42:54 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_124256498.html [2010.05.02 22:08:00 | 000,042,632 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100502_200803571.html [2010.05.02 09:38:11 | 000,002,180 | ---- | C] () -- C:\Users\Human\Desktop\Bookworm Adventures Deluxe.lnk [2010.05.02 00:05:30 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_220533281.html [2010.05.01 18:59:30 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_165932129.html [2010.05.01 11:15:05 | 000,042,624 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_091508459.html [2010.04.30 23:05:07 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_210508516.html [2010.04.30 18:28:07 | 000,042,930 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_162810041.html [2010.04.29 22:32:20 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_203221249.html [2010.04.29 17:17:55 | 000,042,988 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_151757671.html [2010.04.28 22:04:48 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100428_200451616.html [2010.04.27 22:01:34 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100427_200137259.html [2010.04.27 19:10:08 | 000,387,385 | ---- | C] () -- C:\Users\Human\Desktop\DSC00396.JPG [2010.04.26 22:13:57 | 000,042,952 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100426_201359730.html [2010.04.25 22:45:06 | 000,042,924 | ---- | C] () -- C:\Microsoft .NET 
Framework 3.5-KB963707_20100425_204509599.html [2010.04.25 01:36:29 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_233632753.html [2010.04.24 14:17:15 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_121718341.html [2010.04.23 22:39:35 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_203936423.html [2010.04.23 15:11:16 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_131118306.html [2010.04.23 15:00:52 | 000,000,649 | ---- | C] () -- C:\Users\Human\Desktop\Popcap Game Collection.lnk [2010.04.22 23:24:10 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100422_212413261.html [2010.04.22 22:35:09 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\Heavy Weapon Deluxe.lnk [2010.04.21 22:59:51 | 000,042,980 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_205955687.html [2010.04.21 15:11:26 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_131129040.html [2010.04.20 22:37:28 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100420_203731183.html [2010.04.19 23:33:21 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_213324366.html [2010.04.19 15:28:04 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_132807389.html [2010.04.18 22:59:46 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_205949971.html [2010.04.18 15:55:41 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_135543656.html [2010.04.18 15:36:13 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_133616024.html [2010.04.16 14:44:51 | 000,001,265 | ---- | C] () -- C:\Users\Human\Desktop\Pokesav_HGSS-ENG-Ver.0.03a_PP.org - Verknüpfung.lnk [2010.04.16 13:19:21 | 000,524,288 | ---- | C] () -- 
C:\Users\Human\Desktop\Pokemon_HeartGold.sav [2010.02.19 17:59:08 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini [2010.02.19 17:56:43 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll [2009.12.05 01:09:35 | 000,000,506 | ---- | C] () -- C:\Windows\System32\config.ini [2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009.09.20 20:57:31 | 000,015,478 | ---- | C] () -- C:\Windows\snpstd3.ini [2009.08.22 17:12:40 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.04.29 18:58:22 | 000,000,027 | ---- | C] () -- C:\Windows\ic.ini [2009.04.09 00:53:56 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini [2009.02.16 01:04:24 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll [2008.11.21 00:02:04 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI [2008.11.15 18:52:39 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2008.10.28 14:55:24 | 000,000,307 | ---- | C] () -- C:\Windows\game.ini [2008.08.26 15:29:55 | 000,000,255 | ---- | C] () -- C:\Windows\kaillera.ini [2008.06.21 12:42:11 | 000,139,152 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008.06.06 22:43:05 | 000,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2008.05.23 00:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.05.23 00:19:46 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest [2008.05.23 00:19:46 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest [2008.05.23 00:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2007.12.22 19:20:40 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2007.11.06 22:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 09:40:29 | 
000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:45690DD4 < End of report > |
14.05.2010, 21:04 | #4 |
| firewall blocks explorer.exe and from Extras.Txt Code:
OTL Extras logfile created on: 14.05.2010 21:29:04 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Human\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 451,11 Gb Total Space | 42,53 Gb Free Space | 9,43% Space Free | Partition Type: NTFS Drive D: | 14,63 Gb Total Space | 9,34 Gb Free Space | 63,86% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KYOTO-SHI Current User Name: Human Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe" = C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{009079B7-BACB-4861-8504-EB6F1BD93217}" = 
lport=6997 | protocol=17 | dir=in | name=league of legends launcher | "{02FB27B0-2EBF-4185-8F88-D38FB6D76761}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher | "{087AB973-D5FA-4260-B2C4-3BC10C845929}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher | "{08B897B9-DBE0-4844-A4E2-1E71ED2056E5}" = lport=6984 | protocol=6 | dir=in | name=league of legends launcher | "{0CB69BD5-ABC2-4940-B544-E44FA8654F55}" = lport=8383 | protocol=17 | dir=in | name=league of legends launcher | "{0D1218E5-5CD2-4CB4-862A-33D34B9EA888}" = lport=2869 | protocol=6 | dir=in | app=system | "{0FA1F9C2-298B-42FB-A303-A1635028581F}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher | "{11B47E74-27E2-43B4-A92C-3AF8CACDF161}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{14D18327-72A1-4A03-BB21-1B033516EAA2}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher | "{179E347E-F916-4F0C-A152-9C53855A9C77}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher | "{17CCE68B-26AB-466D-A21A-3C72BCCB68A0}" = lport=6916 | protocol=17 | dir=in | name=league of legends launcher | "{18667CCA-612B-49A3-91E2-937047DB4774}" = lport=56098 | protocol=6 | dir=in | name=league of legends launcher | "{1A32A9AC-8009-4E06-A1E2-4F1FE55BFEEB}" = lport=6962 | protocol=17 | dir=in | name=league of legends launcher | "{1A66DDB8-898B-4728-B069-E080CE31BB4D}" = lport=6971 | protocol=17 | dir=in | name=league of legends launcher | "{1CF91608-DF29-45E7-AC26-665215C7C56C}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher | "{1E6092ED-D4B1-4BB3-AD66-3D5CEAF8BECA}" = lport=8384 | protocol=17 | dir=in | name=league of legends launcher | "{1EC84243-D247-436A-8E80-6D5DA747B333}" = lport=6964 | protocol=17 | dir=in | name=league of legends launcher | "{20E247EF-CBDB-4946-AED0-9122FA492DB3}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher | 
"{2AC3AB01-61B9-4599-AF83-1E742767CE3A}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher | "{2D87B0D4-A8A8-492A-B8F2-1B0C89915E49}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher | "{30B22500-7A39-4A32-99D8-9982BC90BCBF}" = lport=6897 | protocol=17 | dir=in | name=league of legends launcher | "{321F113A-3233-4313-9AB4-1ED6C964A97E}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher | "{3458D349-AB37-466D-85E7-AE68E8A2098F}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{39CF4BAE-58B9-43A0-97C3-95F3383AD3CD}" = lport=8380 | protocol=17 | dir=in | name=league of legends launcher | "{3A71E220-D3D0-4E10-AC12-CBDB13F950E6}" = lport=6940 | protocol=6 | dir=in | name=league of legends launcher | "{3A736192-336C-4A96-A15E-56C2BBDB0C7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{3B6E064D-EE37-4712-B3B5-72AB73B07894}" = lport=6964 | protocol=6 | dir=in | name=league of legends launcher | "{3CD230A8-D815-410D-93BF-BB0B7196011E}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher | "{468A5001-5A13-417D-BDF5-66483719F30C}" = lport=6913 | protocol=6 | dir=in | name=league of legends launcher | "{4C820782-DF4F-4DD0-B067-F4BBC5F12810}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{4E3B33A7-8BFF-4413-8A1F-F98612BDF3BC}" = lport=52989 | protocol=6 | dir=in | name=league of legends launcher | "{5023E3A1-A1F5-4FC4-AAE5-B405C6C8CF41}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{5240443C-E0D5-4760-BE46-CC345C07FDB2}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher | "{56F67902-AEA1-4B69-9F5F-225EB92B8427}" = lport=6885 | protocol=6 | dir=in | name=league of legends launcher | "{57FF8380-4600-4247-9C11-A38B368F6643}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{5899107E-E03C-407E-AC5E-7502AF020233}" = lport=6962 | protocol=6 | dir=in | 
name=league of legends launcher | "{58F49803-0CAE-42FA-91A1-E1868587127B}" = lport=8382 | protocol=17 | dir=in | name=league of legends launcher | "{5D471DEB-271A-4ED0-93DF-AD3B3B51F704}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher | "{5F717342-6254-4527-B87D-E1AC31E388D7}" = lport=6913 | protocol=17 | dir=in | name=league of legends launcher | "{5FCBA4F0-2D16-4EA2-A2A5-BD981E77D829}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{62184EBE-E944-4AA7-8438-129E73D9130C}" = lport=8399 | protocol=6 | dir=in | name=league of legends launcher | "{63EA6BFA-4920-4C47-9EE4-CC953F121C6B}" = lport=53365 | protocol=17 | dir=in | name=league of legends launcher | "{65226E0F-02D9-4D0D-921C-F99D7A44F4D3}" = lport=6940 | protocol=17 | dir=in | name=league of legends launcher | "{6657C147-694E-43CF-95F2-C2842A422D41}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher | "{6999CCB3-395D-46DD-A332-26F7392AED8B}" = lport=8384 | protocol=6 | dir=in | name=league of legends launcher | "{6B2B12E3-D3FF-45E5-80DC-6FB1D8852F07}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | "{6F37E164-1720-45D8-80D0-6F3C5367904E}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | "{7159D3C4-AE01-4FA0-8C41-3935EBB2C795}" = lport=6897 | protocol=6 | dir=in | name=league of legends launcher | "{79F09D13-02BF-4E74-AD01-61E1971B5D59}" = lport=6934 | protocol=6 | dir=in | name=league of legends launcher | "{7CCF8E45-9EF7-410B-A308-F052289DC926}" = lport=8380 | protocol=6 | dir=in | name=league of legends launcher | "{849FE548-3660-4A9B-A662-C733BBD364BD}" = lport=6987 | protocol=6 | dir=in | name=league of legends launcher | "{87EA7331-EE5C-414E-B254-A19AF2E830BE}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{87FFC4FD-74D0-4025-AFC6-889ECB7F03EC}" = lport=6916 | protocol=6 | dir=in | name=league of legends launcher | "{8B9CBA55-93D5-458A-B1F6-F8FBEECADC06}" = 
lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{90CBC505-553F-449C-A087-7DFEF890AEB8}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher | "{A2018B35-A41B-4D32-AC72-0C553E48D1B5}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher | "{A31F617D-E50A-4731-9E05-7F49ADA35C6F}" = lport=52989 | protocol=17 | dir=in | name=league of legends launcher | "{B045700E-CF98-46FF-B74F-5896704AE25B}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher | "{B088AEDB-105C-4774-BF7A-8C2AA351382C}" = lport=6934 | protocol=17 | dir=in | name=league of legends launcher | "{B8B0F91E-1404-40E0-8E05-DCA77633626B}" = lport=6994 | protocol=6 | dir=in | name=league of legends launcher | "{B9CFB9DE-A13C-44DA-A226-56B880A0188D}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher | "{C5D6ED9B-3DEE-42CD-97D0-32847F933323}" = lport=6984 | protocol=17 | dir=in | name=league of legends launcher | "{C8222B57-7733-4B8C-BD87-0B503A95477C}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher | "{C9CD4D71-D53F-4D1A-A69C-D73309D2DF2E}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | "{CA715B28-A644-4417-B48D-1BBB579DFFA8}" = lport=8382 | protocol=6 | dir=in | name=league of legends launcher | "{CB7EE1D9-3AB8-4468-8696-9276949E5A63}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{CBC4F99E-3470-4627-9784-D4B02A9CDED9}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher | "{D2FC6E9E-E435-4B63-BCF1-5CB585E44E03}" = lport=8384 | protocol=17 | dir=in | name=league of legends launcher | "{D378B949-34CE-4BC3-8B03-75874CEF5E62}" = lport=56098 | protocol=17 | dir=in | name=league of legends launcher | "{D3F13528-94F3-45A9-A07F-090113758281}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | "{D83C53C1-4F41-4BDD-9BCA-AC8881050811}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{D8713DCC-97CA-4046-9450-51139FAF38D3}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{DCAF0406-3191-499E-8779-C0DD338888D2}" = lport=53365 | protocol=6 | dir=in | name=league of legends launcher | "{DD8F3072-14CA-43F0-AAD3-7EB219FD492E}" = lport=6971 | protocol=6 | dir=in | name=league of legends launcher | "{DFC7C45C-DF8A-474B-B0FC-1A2B24160D8F}" = lport=8399 | protocol=17 | dir=in | name=league of legends launcher | "{E1B43BBD-D977-481D-A979-76F18BEFB2D7}" = lport=8384 | protocol=6 | dir=in | name=league of legends launcher | "{E3A3CF55-3C6D-4CCC-9BAD-1C2E0472FA19}" = lport=6987 | protocol=17 | dir=in | name=league of legends launcher | "{E6911386-FB55-4ECC-8928-2E4A3D5C5070}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher | "{EA123DEA-C715-4F13-B0DA-64D4585FF960}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | "{EA767FDF-5A66-4D61-91AA-84820E448307}" = lport=6994 | protocol=17 | dir=in | name=league of legends launcher | "{EDDD178B-DDBF-4675-A01E-FEDF9C1FB5AB}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{F07D5CD1-5454-4B94-9E9D-C05CCDA09AF6}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher | "{F5AB5C66-DAA5-4378-AF39-21447BEA7AA0}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher | "{F6A4FBD4-3FEA-4A13-8816-32BA2C5A8E4F}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | "{F8EF9242-26BC-41FB-9040-F73BB9832160}" = lport=6885 | protocol=17 | dir=in | name=league of legends launcher | "{FD25B038-14B4-4F0A-B9BE-644C12AC0E6F}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher | "{FF0DEBB9-1668-4565-8090-34F6362ED577}" = lport=8383 | protocol=6 | dir=in | name=league of legends launcher | "{FF834120-260D-4C29-999B-B77B6EB85C98}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00739A22-6127-4F23-B13C-79BCC4C21A00}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia\princeofpersia_launcher.exe | "{01A2D8DB-A47B-47EF-BC70-1063061E541A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{048E002F-BB3B-4010-AAC6-8379E7F82013}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{04E3DB5B-2926-48BF-9469-2FE1D4F38F0A}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | "{0BBA002D-9484-481D-9DE2-A461F2846CAC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\sf4launcher.exe | "{0E09CA96-415E-497C-87B2-03C9263C54B7}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | "{0E39466C-F7D2-48E5-82FE-F0DA4BE725CB}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | "{14B6C998-FC39-421D-B0CD-073FC5CF23F1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia\prince of persia.exe | "{17E2FDF7-F7AE-44F0-AB07-491D77298410}" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe | "{1A6661D8-4AB1-420F-9AA6-63A93F64A9CE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia\prince of persia.exe | "{26000304-29F9-401B-9993-3051774785B1}" = protocol=58 | dir=in | app=system | "{26F1AF52-FFD1-4293-ADEB-B127E2E0B151}" = protocol=6 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | "{29693309-F93E-4F05-9E69-995F103B8B3A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{2C00013E-A7E5-46B5-A537-0D89A5A52483}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe | "{2F1D7CF2-B5D3-4B53-A3F6-453D1DF1D787}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe | 
"{303626C1-92AF-4BFF-B45A-181CDE0334EB}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{341C9C85-06B2-47D7-A047-1503DEF0E1C0}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{35260E16-E4DC-4B3B-852B-9805264F71D7}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{36C288EF-57EB-4CAB-9A7B-CF7650E079D8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{3E088944-1AFC-4EA4-8496-A63829A64CF4}" = protocol=6 | dir=in | app=c:\program files\ut2004\system\ut2004.exe | "{42E67D4C-A7D6-4AB1-8182-070BD00C5313}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{4515E276-7012-4443-8918-DB1C302CCE85}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe | "{465EEE13-633E-4E6E-8768-DE0470997986}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{4866B354-A950-4669-A51A-87AC901A5AA3}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{49CEBBCB-B88D-4FFB-AD99-5FC0AF15203A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{4A2BD444-32BF-4019-B46D-27A252C6307C}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | "{4EBD9075-730E-4FCA-B3FF-D973A83C8EDB}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | "{557E5858-CD2C-4FD3-BE1E-24BFB2286AF8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{5C1E2FF8-E3C7-4E0C-933D-10E152C6858E}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe | "{6038C589-3BA4-4251-8FA4-484D22D6B3D2}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{62BB2CA3-9480-446F-AF65-DF3C022F05F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{63811A3D-705D-4D72-940D-9370951D1150}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{6C780331-5095-455B-95DB-6E638E0EA7EC}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{6F9CF48C-6AF7-423A-A482-A60013DB426E}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{774FDDD8-16F7-4E86-B66D-73C319C62D82}" = dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.0\cnc3ep1.dat | "{79C3AF93-6B91-4A85-AD1D-F02FBE541AC6}" = protocol=17 | dir=in | app=c:\program files\ut2004\system\ut2004.exe | "{7B071A21-4A02-4844-9B9F-84A292372E2F}" = protocol=17 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | "{81E78ECC-253E-431D-AD67-A8DA96521082}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe | "{84280E2F-872B-44A1-BE12-830B9A1DFE86}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{8C6476B5-82D9-4B4F-9BB7-4002107C34D0}" = protocol=1 | dir=in | name=lan-explorer - echoantwort (icmpv4 eingehend) | "{8D6B6785-CB95-4F38-9145-3962F5C20EB5}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | "{90CCD1C7-065E-4724-A4FF-9B73D566854F}" = dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat | "{936D3444-EB4C-4058-845E-3922F2047891}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia\princeofpersia_launcher.exe | "{95E58769-8C38-4E4F-B7CF-0BACC121D53B}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{97B50053-96D2-4B3E-8285-30F0B8B1D73B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\sf4launcher.exe | "{9BD5AD38-EC44-47F7-A08E-88E452C561EB}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe | "{9DCB115D-5556-48D1-8BC5-7DD519D6D499}" = protocol=6 | dir=in | 
app=c:\users\human\documents\downloads\PES09\pes2009.exe | "{9ED7B5FD-8F72-49AB-9E6E-73B53FB694EE}" = protocol=6 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe | "{A21B2409-4DCC-478B-9A6D-A3DFD43786AD}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | "{A3978F9A-AE7D-47BB-B7DB-F77198E8B30D}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | "{A7A2A656-17BD-44A7-A5B5-EEDC3F4F2618}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe | "{A80D3946-423B-4C06-A218-B26171448B0D}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe | "{AB83A238-AF56-4146-B639-5854A8D55F63}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{ABB4520D-D4FE-4360-A551-385D23A9AD2F}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | "{AFB96EE7-CE43-4DCD-BE09-F94C895751F0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{B1A76DB1-F115-4C4E-ABE0-E85143BCB1DF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{B6F29B07-805F-410C-B413-8C7B6B3EA004}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{BCDB4460-82AA-45D4-B307-82B586830D72}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{C05E81CE-2BC1-430D-BAFD-DEAA8A195003}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | "{C2B231A5-B528-4B4E-91F4-E6047E9B3907}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{C41511AC-7221-460B-81BB-3CDD91B70E26}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe | "{CA457EEB-1389-446C-9BBF-E895C74CAE1C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe | "{CAF6A0A6-599E-45F4-BF0F-8A30DE86B81E}" = protocol=17 | dir=in | 
app=c:\games\dragon age\daoriginslauncher.exe | "{D58A668E-B436-402D-8AD6-612A71C5AB19}" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe | "{DB41E284-D749-42FE-B0D7-EA81C5BB61FF}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe | "{E1CAAE4A-2AD9-443B-B743-B0D3B60196B0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{E2B0CD01-BCE8-4496-8685-E109A9D356F3}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe | "{EE11784A-2A85-4125-9780-EBABE80AE556}" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe | "{EF6B8241-7C73-4BFF-A0F4-EF557A4C800D}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe | "{EFB11DC5-A42C-4A14-9FC4-28A6556BDB8C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F16F4176-D869-4F04-9C76-D4DE8BC3FBB1}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | "{F9476E03-FEB7-4BEF-8AB9-813ED26F8406}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{FCC49DCD-E57F-4FD6-AE9A-04648ACEED31}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 | "{FF0C5695-9F19-405F-A521-C25F9D003DF7}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe | "{FF445000-AB9E-491F-9976-C08D3ACED491}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{01AD94B5-93DA-4F3F-B89D-4E5C294552C3}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe | "TCP Query User{03EA6766-60F8-47FF-89C2-A8503BBC23D7}C:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe" = protocol=6 | dir=in | app=c:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe | "TCP Query 
User{04E1D089-D9C9-4C51-AC94-03D41B9A7C83}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe | "TCP Query User{06919E79-D0B7-4D05-9E69-1AF48039EBFF}C:\program files\littlefighter2\lf2_v1.9c\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v1.9c\lf2.exe | "TCP Query User{075FB58C-C838-447D-966C-4D0642BC5B0F}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{08386CC6-19E8-4282-8C8C-C4B9EE06A223}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | "TCP Query User{1272C3A1-B629-46E6-A246-623BCB28F465}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe | "TCP Query User{19416DE6-BA1E-4922-B522-FBB7F3C79196}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe | "TCP Query User{1D69EF5D-F33B-4739-BFAB-F0E94CB9C9C7}C:\program files\cs\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs\hl.exe | "TCP Query User{1FBD11C1-FB83-4602-AB04-60BC96EB0957}C:\users\human\documents\downloads\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\left 4 dead\left4dead.exe | "TCP Query User{21CA1DA2-6615-4F62-A9D3-2AF13FE25680}C:\users\human\downloads\starcraft\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\starcraft\starcraft\starcraft.exe | "TCP Query User{22258979-23DC-442A-8433-089D7D9A5202}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "TCP Query User{2443296B-E9D7-45EF-9711-E491D5043C34}C:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe" 
= protocol=6 | dir=in | app=c:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe | "TCP Query User{25B9B921-C89E-4978-A22F-82B36D3C7EEA}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe | "TCP Query User{28F864FB-B973-4CEC-A9CF-A59432301A67}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | "TCP Query User{2CF65296-0BC0-4270-92C8-EDD25BEFF0E2}C:\users\human\documents\cs\hl.exe" = protocol=6 | dir=in | app=c:\users\human\documents\cs\hl.exe | "TCP Query User{2D41823E-6BB7-409C-883C-378742E50750}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{2E8B8419-F0E8-4F3A-8D75-0BE73FBF9F40}C:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe | "TCP Query User{2EB00FF9-67AA-4601-B381-56DC3B7406E1}C:\program files\ggpo\ggpofba.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpofba.exe | "TCP Query User{30476879-0CFB-4195-89EC-497151C04E1C}C:\program files\ggpo\ggpo.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpo.exe | "TCP Query User{335A89D1-4521-45A7-8CD4-EC8F316E31E9}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "TCP Query User{34B946B4-9F83-40A5-A476-2CF628FCD5B8}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe | "TCP Query User{373FBC99-B727-49DD-82B8-F8204B234FF8}C:\program files\trackmania nations eswc\tmnationseswc.exe" = protocol=6 | dir=in | app=c:\program files\trackmania nations eswc\tmnationseswc.exe | "TCP Query User{395DD0BE-835B-41C9-9FCB-5FFD3CDDFCF1}C:\users\human\documents\lan-explorer 
downloads\listchecker\pickup.listchecker.exe" = protocol=6 | dir=in | app=c:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe | "TCP Query User{3A611572-FFA4-4391-92B9-A118185B1F91}C:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat | "TCP Query User{3FE36E7A-7329-4E77-8A02-3967CA619EE4}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{40DF8021-BBA3-450E-BE68-1A27D0E371B2}C:\program files\cs\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs\hl.exe | "TCP Query User{49AD9413-60E8-4867-995B-E51B5AE864AB}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe | "TCP Query User{4BAC9DEE-CA73-468D-82FD-A3C74E6CD303}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe | "TCP Query User{4EEF7085-B773-465E-BC03-24902BBBF21E}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe | "TCP Query User{4EF264CC-E02E-4EA8-AAF2-6CDF7C9851D1}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe | "TCP Query User{502C4013-20ED-4804-AE53-16A284DCE0F3}C:\program files\starcraft ii beta\versions\base15250\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15250\sc2.exe | "TCP Query User{5700424A-0FA4-48F8-8DB9-66B9030093BE}C:\windows\explorer.exe" = 
protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{58996510-8210-41A4-B9F1-6ED9D378BF46}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe | "TCP Query User{5A829F35-B525-4DE3-A924-46ACF1D7D752}C:\program files\thq\titan quest immortal throne\tqit.exe" = protocol=6 | dir=in | app=c:\program files\thq\titan quest immortal throne\tqit.exe | "TCP Query User{5F510D55-7A57-4187-908B-B9F652003A05}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe | "TCP Query User{5FD59323-F004-4828-A33A-3F6C6F3EC1C1}C:\games\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | "TCP Query User{5FDFC8DD-3387-4371-B667-2FD7EF6E7401}C:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe | "TCP Query User{62D73F82-0A5C-456E-989F-D2AB84143012}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe | "TCP Query User{62E56303-CCD5-4068-A44A-82FFDD81DE19}C:\program files\qtracker\qtracker.exe" = protocol=6 | dir=in | app=c:\program files\qtracker\qtracker.exe | "TCP Query User{680C25F3-C563-4606-B00E-4AD3F0C8BD5C}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{6C66F01E-9DD1-42E4-B354-27EC6D34ED94}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe | "TCP Query User{6D4AEB67-16B2-4077-82C2-EEEB53FB1EBB}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=6 | dir=in | 
app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe | "TCP Query User{6E17AE0D-3D9F-4B77-A9AF-354B3D698261}C:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe | "TCP Query User{6E3A83BE-8A20-40E4-92F9-1643344E6EE5}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{6F3C7FD2-CB53-41FA-A682-07928FFB3139}C:\program files\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\fallout 3\fallout3.exe | "TCP Query User{6F69610C-6016-41B3-8F09-CAA8B6D92363}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{724F7BD0-FE31-4DE5-8C12-BE5F4ABDB153}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe | "TCP Query User{79B7A23B-CE88-441E-B11E-1EAE33D40055}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{7DA3FF45-C63E-4D9F-9BC2-7B7668F5CE9E}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | "TCP Query User{7EA86034-28BC-4BFB-92FF-B341CD7285C2}C:\program files\ggpo\ggpofba.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpofba.exe | "TCP Query User{80E04C99-EF5B-46E8-97A6-ED092F7ED556}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{84469952-3483-4AF4-AAE0-1CECA98CCE94}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "TCP Query User{89889EEF-4037-45B7-A511-5081685F9201}C:\program files\hercules\deluxe optical glass\station2.exe" = protocol=6 | dir=in | app=c:\program files\hercules\deluxe optical glass\station2.exe | "TCP Query 
User{8A3CA26C-0A88-4CE2-BCDE-29487BAD6CFF}C:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe | "TCP Query User{8C53A426-CF1C-47B7-BD37-E6572926F9A3}C:\games\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\games\left 4 dead\left4dead.exe | "TCP Query User{8E056C0C-59E1-493D-A263-A8E58B094633}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe | "TCP Query User{9554062E-53E4-4DF2-AC90-1FA1D5860C08}C:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe | "TCP Query User{96D1CAFB-4C7F-4C8F-94DC-DE2F70BD4D60}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe | "TCP Query User{9B5A9E28-4A60-4941-9CB6-8005B243F99E}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | "TCP Query User{A8758638-54F4-4993-802C-27706E110F78}C:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "TCP Query User{A97AD82C-2F29-4EB9-837C-792C69D9E7F3}C:\program files\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\repair.exe | "TCP Query User{AD3D499E-C057-4E9D-B6AA-E9DCFF461941}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query User{AD5B3760-90BF-4B64-BA30-C9CF10D8A46C}C:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 
08\fifa08.exe" = protocol=6 | dir=in | app=c:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe | "TCP Query User{B29D51FA-8EC7-4165-8C1F-DA3348BD1EB9}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{B5C53588-BBD1-42BF-A97B-D43B41756319}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "TCP Query User{B63CDC5E-40C4-485B-A70C-7AA12A036586}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query User{B69B1E34-E03D-45AA-B1F4-2CDFBF30A8F3}C:\program files\steam\steamapps\acid-burn\half-life\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\acid-burn\half-life\hl.exe | "TCP Query User{B7B65461-23A6-4F90-A888-DE4F4BAECDE3}C:\program files\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\program files\unrealtournament\system\unrealtournament.exe | "TCP Query User{BE806842-B569-4476-8C70-A5F883878B0E}C:\program files\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe | "TCP Query User{C1C74643-A896-4899-B70D-58658639D5E8}C:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "TCP Query User{CA90085E-166B-45C7-A133-E4131D202349}C:\program files\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe | "TCP Query User{D53911D6-E144-4FE8-8F97-7DDE054D0A7E}C:\users\human\downloads\flt-fif8\fifa08.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\flt-fif8\fifa08.exe | "TCP Query User{D544D8F1-77A2-4FBC-83F2-7F5005539DD3}C:\program files\ggpo\ggpo.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpo.exe | "TCP Query 
User{D8C4CC8D-310D-4F7B-A7E1-3C4166B38354}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{DF989667-3155-43FE-A84C-FB78DB0619A2}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe | "TCP Query User{E36E58A3-C5BC-4414-A2C1-91865ECFDB63}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{E6113D2A-326C-4F6F-881C-E9629BF8D01E}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | "TCP Query User{E7190A22-089B-4CC7-A0C2-EF0FD0679FCA}C:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe | "TCP Query User{EC97E04A-996D-4140-8B91-4A24DFCD35B8}C:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe | "TCP Query User{EF34193B-B940-473B-B2FC-DB0B8A1D0710}C:\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\soldat\soldat.exe | "TCP Query User{F3E9D09A-1517-4562-BD48-A278437052F3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{F8618645-29B6-44B5-B967-A62215E7F689}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{F906E58C-C209-4962-BD0E-F545B2EF3A43}D:\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=d:\lionhead studios ltd\black & white\runblack.exe | "TCP Query User{FDD2E893-C7FE-4388-8739-B8E5BB249AA6}C:\program files\kyodai 
mahjongg 2006\kmj.exe" = protocol=6 | dir=in | app=c:\program files\kyodai mahjongg 2006\kmj.exe | "UDP Query User{0328D1E6-26FA-45CC-9097-98A5BC311F54}C:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe | "UDP Query User{04A401BD-EB5C-4800-981D-E44FB07D538E}C:\program files\ggpo\ggpofba.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpofba.exe | "UDP Query User{04CF06C1-CBDB-44CC-9A1C-ED953F1F432E}C:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe | "UDP Query User{0587D7AD-1A2B-4A9C-A24F-566C18EC27A2}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{0792CD51-BD83-4B2D-B2BB-3555A67911DD}C:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "UDP Query User{0996C6CA-852F-4B34-B03E-03EE57E9B504}C:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe | "UDP Query User{0EDD0CB1-BB2F-4D43-B7EA-C882CB912B1F}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe | "UDP Query User{1098E10E-3498-4A7B-A4E7-6B141267332C}C:\program files\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\fallout 3\fallout3.exe | "UDP Query User{119BB6D1-B7BF-4262-921F-DC76FBE9B874}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df 
freeplay client.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe | "UDP Query User{11F3B0E9-69BB-450E-963D-601C02E0F0A6}C:\program files\cs\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs\hl.exe | "UDP Query User{151EF2FA-BF49-4D81-9EF0-9787659FB147}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe | "UDP Query User{16F6EEA7-EE89-4299-9387-8E4FD1F398AF}C:\program files\hercules\deluxe optical glass\station2.exe" = protocol=17 | dir=in | app=c:\program files\hercules\deluxe optical glass\station2.exe | "UDP Query User{1CA8DDBF-C7A6-441C-8AF6-CB1C762D8D80}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{1E2440A0-C371-44F1-9574-2AE7C828D533}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | "UDP Query User{1E355C58-8025-4752-9E6A-4C4C3B1B6EE3}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | "UDP Query User{20B603F9-9872-4002-8AB7-F53E03032C42}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{21833FCA-F860-4739-A32F-447173B4B3FA}C:\users\human\documents\downloads\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\left 4 dead\left4dead.exe | "UDP Query User{21995FEE-1C85-4F95-8315-FD09F2955CC5}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{26C3F154-048D-43C5-8A4C-8B662A9B76F5}C:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe" = 
protocol=17 | dir=in | app=c:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe | "UDP Query User{26ED5FF3-58CA-4A47-8BAC-229F798EAF01}C:\program files\starcraft ii beta\versions\base15250\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15250\sc2.exe | "UDP Query User{279C084B-A307-4A3C-8611-52FE3A1451F3}C:\program files\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\repair.exe | "UDP Query User{28815B22-34B2-4CFE-9833-4D4671AD507F}C:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe" = protocol=17 | dir=in | app=c:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe | "UDP Query User{28FACCD7-8BEC-4B71-8A4B-B5B54B4B16AA}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe | "UDP Query User{29FCF975-9B2D-42DD-87BB-DA816CB3FDD3}C:\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\soldat\soldat.exe | "UDP Query User{2C18AD3B-02C3-4AE8-B7A9-417D8B1346EF}C:\program files\littlefighter2\lf2_v1.9c\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v1.9c\lf2.exe | "UDP Query User{2E60C31C-7BC8-44D2-944F-E45EE4E3DB44}C:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe | "UDP Query User{3129ADE5-39A6-46D4-940D-094FF8980EC3}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe | "UDP Query User{35FD6CA3-0D13-4C6A-A249-C791002A1E04}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "UDP Query 
User{38B301B9-1DAC-4C4E-96F8-DA14A97AAAFF}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{4562A02C-A698-4834-A605-02C5578AC982}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | "UDP Query User{493FB3CB-F8F8-4D78-8088-69CEC1634AB3}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe | "UDP Query User{50234F6F-372A-4E38-931E-B4A257920102}C:\users\human\documents\cs\hl.exe" = protocol=17 | dir=in | app=c:\users\human\documents\cs\hl.exe | "UDP Query User{505FE28F-F344-4ADA-A1FC-47430F3834E1}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe | "UDP Query User{555A2E2E-B99A-4D94-B2C3-4B49ADB882C4}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "UDP Query User{566BD7C2-D147-48AF-A567-E59F85F90442}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe | "UDP Query User{5D150263-EFDB-42DA-8F5C-14F84579011F}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe | "UDP Query User{6105355F-5C72-4CF5-BD5A-DE7CBBD7EC27}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | "UDP Query User{62144491-EC00-4890-896B-A7A3EB55994B}C:\program files\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\program files\unrealtournament\system\unrealtournament.exe | "UDP Query User{68BF0453-5F16-4D80-A150-784D921EB16D}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe | "UDP Query User{6C22498B-629F-46F5-9DA4-97B90B910943}C:\program files\ggpo\ggpo.exe" = 
protocol=17 | dir=in | app=c:\program files\ggpo\ggpo.exe | "UDP Query User{6F1A290D-8629-440A-B8D1-4EFBE59F2A89}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{7923A9FA-350F-4A53-8099-B08E6A5F9B32}C:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe | "UDP Query User{7A1619BD-17AE-4733-8641-0F8D77D07E74}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe | "UDP Query User{7A7831AE-704B-417E-9494-C65E45CE54E7}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{82AEC2D6-FB8D-4C15-8DEB-56F9DD150678}C:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe | "UDP Query User{86466F83-AAA4-4DC7-81A9-E71E903B79BF}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe | "UDP Query User{87BBFC6A-DCAF-4D5C-B496-A16C181C27C8}C:\program files\ggpo\ggpofba.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpofba.exe | "UDP Query User{88C47A1F-901F-494C-9336-AC08D9E6F8CC}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{8B589085-F2FF-4919-A011-A2FEED65EAD7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{8CC5F2D5-1916-4A15-8DDD-ABC40EC3965F}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | 
app=c:\program files\warcraft iii\war3.exe | "UDP Query User{90CC11F5-85E6-4A74-A59F-26A54566006B}C:\program files\thq\titan quest immortal throne\tqit.exe" = protocol=17 | dir=in | app=c:\program files\thq\titan quest immortal throne\tqit.exe | "UDP Query User{931C8E54-87F6-4871-B8CB-A8AC48EC9F6F}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{9509E939-AEAB-4D35-A8C2-087F5B07A4A0}C:\program files\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe | "UDP Query User{9667317D-82D3-4D40-B2CC-E069EFBEFCEE}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe | "UDP Query User{A313D448-C613-4613-80FF-FA94678D7BE8}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe | "UDP Query User{A6E553C7-48A1-4C20-87E9-F0E42AAA7F3E}C:\program files\steam\steamapps\acid-burn\half-life\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\acid-burn\half-life\hl.exe | "UDP Query User{A798EE62-40D6-4DF8-8E8D-37D3C378D99F}C:\users\human\downloads\flt-fif8\fifa08.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\flt-fif8\fifa08.exe | "UDP Query User{AAF96EB5-D968-4C1A-B51A-1AB8C8029309}C:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe | "UDP Query User{AB885977-266E-449A-BBFA-49207210CDAD}D:\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=d:\lionhead studios ltd\black & white\runblack.exe | "UDP Query User{B0D4DF7B-24E4-40B8-B1F6-3A14DD203888}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{B4C00B6A-92AF-489C-8010-C850E2B3CBFB}C:\program 
files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe | "UDP Query User{B7112EC1-90B4-4A53-A7A4-9CD58430482F}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe | "UDP Query User{B8EA392C-E925-4ED4-98EB-4DCF2268BE43}C:\program files\kyodai mahjongg 2006\kmj.exe" = protocol=17 | dir=in | app=c:\program files\kyodai mahjongg 2006\kmj.exe | "UDP Query User{BE874B03-8128-4B87-9379-58F264FF1C56}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{BE9363C7-FE79-4A6F-A69D-96FE2E9D9BDD}C:\games\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe | "UDP Query User{BF874A29-9DED-4E11-AD3B-3CDD1B4767B0}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | "UDP Query User{C27D8C6D-F6ED-4ABE-BC86-7D6651B1D52D}C:\program files\qtracker\qtracker.exe" = protocol=17 | dir=in | app=c:\program files\qtracker\qtracker.exe | "UDP Query User{C410CB29-11B1-4410-A6DC-590BDFB871BA}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe | "UDP Query User{CACE44D8-8361-499A-9094-ABFD66322BA3}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{CB9F9CF9-614D-48DF-BD5E-127C437A2BAF}C:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe | "UDP Query User{CCA12702-7E11-4C98-8F48-96F70A20AE01}C:\users\human\downloads\starcraft\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\starcraft\starcraft\starcraft.exe | "UDP Query 
User{D56645A8-C38F-4D6E-B791-D3599A50A00F}C:\program files\trackmania nations eswc\tmnationseswc.exe" = protocol=17 | dir=in | app=c:\program files\trackmania nations eswc\tmnationseswc.exe | "UDP Query User{D66A3332-615F-4D22-95DC-71F14325A7D2}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe | "UDP Query User{D75FCE78-A7A1-4D63-9C7E-CBFF441F8264}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe | "UDP Query User{E15B99D2-CB67-4D8C-95CA-070A5A94BE7A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{E2B8D6A0-5342-4225-B605-22705EBBF4B7}C:\program files\cs\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs\hl.exe | "UDP Query User{EA3B1D3E-9566-4C6C-904F-AF36BD8667CC}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{EC15F6B0-954B-40A0-AFF1-5ECC719D9352}C:\games\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\games\left 4 dead\left4dead.exe | "UDP Query User{F67CE442-6312-4BAA-B497-36C82EE2BFE4}C:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe" = protocol=17 | dir=in | app=c:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe | "UDP Query User{F86C8511-250B-451C-9EA3-58908F44AADE}C:\program files\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe | "UDP Query User{F974F1DA-2ECB-4E7A-8190-EC7A1C532B7B}C:\program files\ggpo\ggpo.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpo.exe | "UDP Query User{FA81E9CA-B23F-419D-9D30-8A1C196F2FC6}C:\program files\electronic arts\command & 
conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat | "UDP Query User{FB0FECD8-08E2-4EC7-8D50-0E28F8BADD8B}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe | "UDP Query User{FDA2F273-98A7-4553-A688-BD4DD5F5F861}C:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "UDP Query User{FDEE16AD-203B-45BA-953D-522E40BD65D4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08 "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0C88C4A1-A9D7-4C28-8F06-4C2048765193}" = Magic The Gathering - Battlegrounds "{10209B87-55D6-493E-A30A-12A265AA324E}" = TQ Defiler "{130C75DC-9DA0-486A-837F-26987EE0A228}}_is1" = Helium Music Manager 2006 (build 5058) "{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6 "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu 
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 15 "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}" = Male Voice Pack "{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{56298F72-C2CC-4FE5-ACEA-30C7A866BF4C}" = Hercules Deluxe Optical Glass "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{68BD9036-0952-4849-AE7A-963BB53EDB71}" = GGPO "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69EA986B-B172-4FAA-B54D-853BD3A2B264}" = Popcap Game Collection "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B2B0D05-2B4A-4855-A47B-D69CD9E3CDD6}" = Impossible 
Creatures 1.0.1 "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{81935798-5D0C-4892-832E-630E6CC07EAF}" = Morrowind "{8245C111-D83F-4C66-BBC6-2424F6116944}" = TES Construction Set "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends "{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9cc89170-000b-457d-91f1-53691f85b223}" = Python 2.6.1 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3382A07-BFF1-4A8D-9524-DEF82AE3F58B}" = 
League of Legends "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5 "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne "{B6A24D2D-1ADB-4553-87FD-38F3FAADC18E}_is1" = The Book of Unwritten Tales 1.0.0.0 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BC5AB595-ABEA-42D3-BD4F-C8014EB20F2B}" = Falk Navi-Manager "{C1371095-71D0-42C2-B766-43D72278C3DC}_is1" = StoneLoops! 1.05 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C541EEFC-49B0-4976-80DB-4D5B78B50114}" = MorphVOX Pro "{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1 "{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T "{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime 
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F2AD071E-2E86-4E8A-AA66-E8E222F84CDE}_is1" = Replay Explorer 3.0.1 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "Age of Empires 2.0" = Microsoft Age of Empires II "Any Video Converter_is1" = Any Video Converter 2.7.5 "ASIO4ALL" = ASIO4ALL "Bookworm Adventures Deluxe 1.00" = Bookworm Adventures Deluxe 1.00 "Collab" = Collab "Counter-Strike: Source v17" = Counter-Strike: Source v17 "Crayon Physics Deluxe_is1" = Crayon Physics Deluxe - release 51 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Diablo II" = Diablo II "DotAzilla" = DotAzilla "Fallout Mod Manager_is1" = Fallout Mod Manager 0.9.14 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Garena" = Garena "Heavy Weapon Deluxe 1.0" = Heavy Weapon Deluxe 1.0 "Hero Fighter" = Hero Fighter "HijackThis" = HijackThis 2.0.2 "IL Download Manager" = IL Download 
Manager "ImgBurn" = ImgBurn "Impossible Creatures 1.0" = Impossible Creatures "Insaniquarium Deluxe 1.0" = Insaniquarium Deluxe 1.0 "Insaniquarium_Patch_Installer_1.2" = Insaniquarium Patch Installer 1.2 "InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "IrfanView" = IrfanView (remove only) "Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.2 "LAN-Explorer" = LAN-Explorer "Launch of the Screaming Narwhal" = Tales of Monkey Island - Launch of the Screaming Narwhal "League of Legends_is1" = League of Legends "Little Fighter 2 version 2.0a" = Little Fighter 2 version 2.0a "LogMeIn Hamachi" = LogMeIn Hamachi "LucasArts' Curse of Monkey Island" = LucasArts' Curse of Monkey Island "LucasArts' Monkey 4" = LucasArts' Monkey 4 "Machinarium" = Machinarium "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Moorhuhn 2 V1.1" = Moorhuhn 2 V1.1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Natural Selection_is1" = Natural Selection 3.2 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PangYa_Eu" = PangYa_Eu (Goa) "PC Wizard 2008_is1" = PC Wizard 2008.1.84 "Pcsx2_is1" = Pcsx2 0.9.2 Watermoose "Pen Tablet Driver" = Stifttablett "PoiZone" = PoiZone "PROSetDX" = Intel(R) PRO Network Connections 12.1.12.0 "PunkBusterSvc" = PunkBuster Services "QIP Infium_is1" = QIP Infium 2.0.9020 RC3 "QIP2005" = QIP 2005 Uninstall "Qtracker" = Qtracker "Runic Games Torchlight" = Torchlight "ScummVM_is1" = ScummVM 0.13.1a "ST6UNST #1" = Hero Editor V0.96 "StarCraft II Beta" = StarCraft II Beta "Steam App 10" = Counter-Strike "Steam App 21660" = Street Fighter IV "SystemRequirementsLab" = 
System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Siege of Spinner Cay" = Tales of Monkey Island - The Siege of Spinner Cay "TmNations_is1" = TrackMania Nations ESWC 1.7.9 "Toxic Biohazard" = Toxic Biohazard "TreeSize Free_is1" = TreeSize Free V2.3.3 "TVUPlayer" = TVUPlayer 2.4.9.1 "Uninstall_is1" = Uninstall 1.0.0.1 "UnrealTournament" = Unreal Tournament G.O.T.Y. Edition "UT2004" = Unreal Tournament 2004 "Veoh Web Player Beta" = Veoh Web Player Beta "Warcraft III" = Warcraft III "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.0.2 "WinRAR archiver" = WinRAR "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "YASA Video Converter v3.4 (build 0065)" = YASA Video Converter v3.4 (build 0065) "zbattle.net_is1" = zbattle.net 1.09 SR-1 beta "Zeno Clash_is1" = Zeno Clash ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Fallout 3 - Complete DLC Pack" = Fallout 3 - Complete DLC Pack "Muziic Player & Encoder" = Muziic Player & Encoder "NoNameScript" = NoNameScript "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player "Octoshape Streaming Services" = Octoshape Streaming Services "QIP 2005" = QIP 2005 8095 "uTorrent" = µTorrent "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 10.05.2010 08:18:55 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 10.05.2010 09:34:42 | Computer Name = Kyoto-Shi | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x00564544, fehlerhaftes Modul D3D8.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4791a65b, Ausnahmecode 0xc0000005, Fehleroffset 0x6567696c, Prozess-ID 0x1670, Anwendungsstartzeit 01caf03e9209151e. 
Error - 10.05.2010 11:57:06 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 11.05.2010 08:29:49 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 12.05.2010 08:28:24 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 12.05.2010 19:36:16 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 13.05.2010 04:59:47 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 14.05.2010 04:37:44 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 14.05.2010 06:46:08 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = Error - 14.05.2010 15:18:22 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001 Description = [ System Events ] Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Error - 14.05.2010 04:31:30 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016 Description = Error - 14.05.2010 05:18:28 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Firewall | ID = 6400 Description = Error - 14.05.2010 06:40:11 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016 Description = Error - 14.05.2010 06:40:46 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Firewall | ID = 6400 Description = Error - 14.05.2010 15:12:04 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016 Description = < End of report 
> Regards, Mihael |
14.05.2010, 21:56 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | firewall blocks explorer.exe Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
[2010.05.14 11:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Human\AppData\Roaming\lowsec
:Commands
[purity]
[resethosts]
[emptytemp]
The logfile should open when you click OK after the fix; please post it. The computer may be restarted.
__________________ Please always post logfiles in CODE tags |
15.05.2010, 17:39 | #6 |
| firewall blocks explorer.exe Hello cosinus, I have been running the fix for 6 hours now, but I was not aware beforehand that it would take this long. Does it always take this long? for the help so far! |
16.05.2010, 18:47 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | firewall blocks explorer.exe No, not really. Did it run through, or did OTL or your computer crash?
__________________ Please always post logfiles in CODE tags |
16.05.2010, 19:41 | #8 |
| firewall blocks explorer.exe Hm.. something must have gone wrong; in any case, after 12 hours I force-closed the program and then rebooted. After the reboot Windows no longer booted - so I upgraded to Windows 7 and found that I had lost many, many files, approx. 50-70 GB :/ annoying |
17.05.2010, 10:53 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | firewall blocks explorer.exe Quote:
__________________ Please always post logfiles in CODE tags |