|
Plagegeister aller Art und deren Bekämpfung: C:\ProgramData\iLeAAmvQHHaC.exe | Macht große ProblemeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.04.2011, 19:18 | #1 |
| C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme Hallo, Seit einer Stunde hat mich ein Virus Heimgesucht ich bin mir nicht im klaren wie ich ihn bekommen habe , da ich nichts heruntergeladen habe. Kommen wir zum Problem : Ich bemerkte den Virus als mein System viele Fehler anzeigte (in kleinen Fenstern) darin stand z.b Ram useage is critical und andere HardWare fehler Mein Avast zeigte mir C:\ProgramData\iLeAAmvQHHaC.exe als gefährliche Datei an , als Avast sie angeblich gelöst hatte und ich meinen PC neugestartet hatte ging der Spaß mit den Fehlermeldungen von vorne los. Dann wollte ich den guten alten TaskManager verwenden aber auch der war weg.Viele (fast alle) Desktop Verknüpfungen waren verschwunden und der Desktop Hintergrund war Schwarz und ich konnte ihn auch NICHT verändern. Wahrscheinlich werden die meisten Antworten sein -> neu Aufsetzen nur mein Problem : als ich den PC kaufte war keine Windows CD dabei (ich hab Vista) und wenn ich den neu PC aufsetze möchte ich ungern Xp.sp3 draufhaun. Gibt es keinen anderen Weg ? lg NiCeOnE |
14.04.2011, 20:04 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme Hallo und
__________________Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
14.04.2011, 20:39 | #3 |
| C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme Werde morgen alle Logs posten wenn ich es hinbekommen ,
__________________weil ich geb ehrlich mit sowas hab ich net viel am Hut Danke für die schnelle Antwort Bis morgen denn. lg NiCeOnE |
15.04.2011, 11:01 | #4 |
| C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme OTL Logs : 1.OTL Logfile: Code:
ATTFilter OTL logfile created on: 15.04.2011 12:20:18 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ricardo\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,48 Gb Total Space | 258,08 Gb Free Space | 56,66% Space Free | Partition Type: NTFS Drive R: | 10,28 Gb Total Space | 6,22 Gb Free Space | 60,51% Space Free | Partition Type: NTFS Computer Name: RICARDO-PC | User Name: Ricardo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Ricardo\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.) PRC - C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) PRC - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Ricardo\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (NMIndexingService) -- File not found SRV - (MSSQLServerADHelper) -- File not found SRV - (DarkDayMt2) -- File not found SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll () SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.) DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.) DRV - (VMparport) -- C:\Windows\System32\drivers\vmparport.sys (VMware, Inc.) DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.) DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.) DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.) DRV - (vmusb) -- C:\Windows\System32\drivers\vmusb.sys (VMware, Inc.) DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.) DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.) DRV - (vmm) -- C:\Windows\System32\drivers\VMM.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.) DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC) DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation) DRV - (VPCNetS2) -- C:\Windows\System32\drivers\VMNetSrv.sys (Microsoft Corporation) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.) DRV - (HECI) Intel(R) -- C:\Windows\system32\drivers\heci.sys (Intel Corporation) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider) DRV - (Cardex) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (JGOGO) -- C:\Windows\system32\drivers\jgogo.sys (JMicron ) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (tandpl) -- C:\Windows\System32\drivers\tandpl.sys () DRV - (enodpl) -- C:\Windows\System32\drivers\enodpl.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://google.de" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.03.04 17:37:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 19:36:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 19:36:02 | 000,000,000 | ---D | M] [2011.03.03 22:26:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Extensions [2011.04.14 16:13:50 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions [2011.03.03 22:31:47 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.17 23:23:10 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.06 18:39:43 | 000,000,000 | -H-D | M] (Battlefield Play4Free) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\battlefieldplay4free@ea.com [2011.04.14 16:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.01.23 20:22:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.11 16:39:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.03.04 17:37:34 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2010.06.11 16:39:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009.09.21 12:05:20 | 001,193,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv41629.dll [2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2009.04.08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\Mozilla Firefox\plugins\NPOP7PlugIn.dll [2011.02.19 04:41:40 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.02.19 04:41:40 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2011.02.19 04:41:40 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.02.19 04:41:40 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.02.19 04:41:40 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.03.08 21:09:17 | 000,000,040 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 50.23.193.194 download.gameclub.com O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - No CLSID value found. O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [iLeAAmvQHHaC] File not found O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: Free YouTube Download - C:\Users\Ricardo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ricardo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\hrthrh2.exe) - File not found O24 - Desktop WallPaper: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0ca4d0ea-037e-11de-af42-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{0ca4d0ea-037e-11de-af42-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (aswBoot.exe /M:a12cd29504) - C:\Windows\System32\aswBoot.exe (AVAST Software) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.15 12:18:36 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Ricardo\Desktop\OTL.exe [2011.04.14 21:43:59 | 000,000,000 | ---D | C] -- C:\Users\Ricardo\AppData\Roaming\Malwarebytes [2011.04.14 21:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.14 21:42:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.14 21:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.14 21:42:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.14 21:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.04.14 18:41:36 | 000,552,960 | -H-- | C] (WinSCP) -- C:\Users\Ricardo\Desktop\test.exe [2011.04.14 16:27:44 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\MineCraft [2011.04.10 18:35:54 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\Neuer Ordner [2011.04.10 17:14:23 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Stronghold 2 [2011.04.10 17:13:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios [2011.04.10 17:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Firefly Studios [2011.04.09 21:33:02 | 000,000,000 | -H-D | C] -- C:\Windows\PIF [2011.04.09 19:06:15 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\Cf Perfect Title Deserve [2011.04.09 17:12:06 | 1891,178,662 | -H-- | C] (InstallShield Software Corporation ) -- C:\Users\Ricardo\Desktop\levelr.exe [2011.04.06 19:10:52 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Battlefield Play4Free [2011.04.04 17:14:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle [2011.04.04 17:14:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle [2011.04.03 16:29:23 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\OverKiller 3.0 with Injector [2011.04.02 22:28:37 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Roaming\Screaming Bee [2011.04.02 22:26:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee [2011.04.02 22:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee [2011.03.30 18:04:59 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Local\LogMeIn Hamachi [2011.03.30 18:02:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.03.30 18:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2011.03.25 19:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Tunngle [2011.03.25 19:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Roaming\Tunngle [2011.03.25 19:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle [2011.03.25 19:59:48 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\Windows\System32\drivers\tap0901t.sys [2011.03.25 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle [2011.03.24 20:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET [2011.03.23 13:50:13 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.03.23 13:50:12 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.03.19 16:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\PBSetup [2011.03.19 00:26:41 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Battlefield 2 [2011.03.19 00:16:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy [2011.03.19 00:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy [2009.09.24 14:03:29 | 000,891,392 | -H-- | C] (Microsoft Corporation) -- C:\Users\Ricardo\AppData\Roaming\kernel33.dll [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.15 12:18:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Ricardo\Desktop\OTL.exe [2011.04.15 11:59:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.15 11:58:10 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.04.15 11:55:14 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.15 11:55:01 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 11:55:00 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 11:54:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.15 11:54:13 | 3220,451,328 | -HS- | M] () -- C:\hiberfil.sys [2011.04.15 11:50:51 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (5).lnk [2011.04.15 11:50:42 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (4).lnk [2011.04.15 11:48:59 | 000,000,104 | ---- | M] () -- C:\Users\Ricardo\Desktop\Papierkorb (2).lnk [2011.04.15 11:38:25 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9956EA11-3179-4BA7-85BD-7D42D6A00C4A}.job [2011.04.14 21:57:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2011.04.14 21:42:44 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.14 19:04:03 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (3).lnk [2011.04.14 19:00:49 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (2).lnk [2011.04.14 18:41:40 | 000,552,960 | -H-- | M] (WinSCP) -- C:\Users\Ricardo\Desktop\test.exe [2011.04.13 17:13:27 | 000,007,900 | -HS- | M] () -- C:\Users\Ricardo\Desktop\Folder.jpg [2011.04.13 17:13:27 | 000,002,280 | -HS- | M] () -- C:\Users\Ricardo\Desktop\AlbumArtSmall.jpg [2011.04.13 17:12:25 | 009,264,428 | -H-- | M] () -- C:\Users\Ricardo\ts3_recording_11_04_13_17_11_17.wav [2011.04.12 17:44:27 | 002,778,587 | -H-- | M] () -- C:\Users\Ricardo\Desktop\MineEdit-RELEASE-11212010.7z [2011.04.11 22:03:35 | 000,770,304 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.11 22:03:35 | 000,724,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.11 22:03:35 | 000,183,176 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.11 22:03:35 | 000,153,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.11 21:58:26 | 003,811,456 | -H-- | M] () -- C:\Users\Ricardo\Desktop\David guetta ft Rihanna - Whos That Chick.mp3 [2011.04.10 17:20:48 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold 2.lnk [2011.04.09 23:07:21 | 000,000,214 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Garry's Mod.url [2011.04.09 17:58:27 | 1891,178,662 | -H-- | M] (InstallShield Software Corporation ) -- C:\Users\Ricardo\Desktop\levelr.exe [2011.04.08 22:53:57 | 000,138,264 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.04.08 22:53:49 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2011.04.08 18:24:04 | 000,000,743 | -H-- | M] () -- C:\Users\Ricardo\Desktop\KeyBinder.lnk [2011.04.06 19:10:15 | 000,138,056 | -H-- | M] () -- C:\Users\Ricardo\AppData\Roaming\PnkBstrK.sys [2011.04.05 17:12:07 | 000,397,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.04 17:14:49 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2011.04.03 12:13:21 | 000,000,692 | -H-- | M] () -- C:\Users\Ricardo\Desktop\SaMp.lnk [2011.03.30 21:42:56 | 000,001,156 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Free YouTube to MP3 Converter.lnk [2011.03.24 20:03:41 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2011.03.19 18:31:44 | 000,001,004 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Battelfield 2.lnk [2011.03.19 00:17:04 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe [2011.03.18 14:18:28 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.15 11:51:06 | 000,001,689 | ---- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox - Kopie (2).lnk [2011.04.15 11:50:51 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (5).lnk [2011.04.15 11:50:42 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (4).lnk [2011.04.15 11:48:59 | 000,000,104 | ---- | C] () -- C:\Users\Ricardo\Desktop\Papierkorb (2).lnk [2011.04.14 21:42:44 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.14 19:17:02 | 3220,451,328 | -HS- | C] () -- C:\hiberfil.sys [2011.04.14 19:08:28 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox - Kopie.lnk [2011.04.14 19:04:03 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (3).lnk [2011.04.14 19:00:49 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (2).lnk [2011.04.13 17:11:22 | 009,264,428 | -H-- | C] () -- C:\Users\Ricardo\ts3_recording_11_04_13_17_11_17.wav [2011.04.12 17:44:20 | 002,778,587 | -H-- | C] () -- C:\Users\Ricardo\Desktop\MineEdit-RELEASE-11212010.7z [2011.04.11 21:58:05 | 003,811,456 | -H-- | C] () -- C:\Users\Ricardo\Desktop\David guetta ft Rihanna - Whos That Chick.mp3 [2011.04.10 17:13:53 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold 2.lnk [2011.04.09 23:07:21 | 000,000,214 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Garry's Mod.url [2011.04.04 17:14:49 | 000,000,703 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2011.04.03 12:13:21 | 000,000,692 | -H-- | C] () -- C:\Users\Ricardo\Desktop\SaMp.lnk [2011.04.03 12:12:45 | 000,000,743 | -H-- | C] () -- C:\Users\Ricardo\Desktop\KeyBinder.lnk [2011.03.27 22:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011.03.24 20:03:41 | 000,000,967 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk [2011.03.24 20:03:41 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2011.03.19 18:31:44 | 000,001,004 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Battelfield 2.lnk [2011.03.17 23:22:51 | 000,001,156 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Free YouTube to MP3 Converter.lnk [2011.03.04 14:08:10 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini [2011.03.03 22:26:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.02.21 18:48:22 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AuyiliaryDisplayClassInstaller.dll [2011.02.03 15:40:25 | 000,000,552 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\d3d8caps.dat [2010.12.14 20:57:04 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.11.27 16:47:13 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe [2010.10.22 17:31:31 | 000,053,248 | -H-- | C] () -- C:\Users\Ricardo\AppData\Roaming\chrtmp [2010.10.09 16:44:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.06.10 22:38:40 | 000,000,440 | ---- | C] () -- C:\Windows\ODBC.INI [2010.05.14 23:00:35 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.05.07 13:07:14 | 000,000,600 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\PUTTY.RND [2010.05.06 16:56:25 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll [2010.05.03 20:51:02 | 000,000,859 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{3DB43E0E-CDC6-49E0-AE19-190E8D0730D7}_sta [2010.05.03 20:51:00 | 000,000,856 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{3DB43E0E-CDC6-49E0-AE19-190E8D0730D7}_prof [2010.04.09 23:49:30 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010.03.26 21:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.03.23 22:13:57 | 000,000,095 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\fusioncache.dat [2010.03.20 16:48:46 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F27BC7BB-9DFF-4157-9B87-EFBEFBB5512E}_sta [2010.03.20 16:45:42 | 000,000,833 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F27BC7BB-9DFF-4157-9B87-EFBEFBB5512E}_prof [2009.12.29 01:40:38 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe [2009.12.29 01:40:38 | 000,000,863 | ---- | C] () -- C:\Windows\unins000.dat [2009.12.10 20:38:34 | 000,000,340 | ---- | C] () -- C:\Windows\Lexstat.ini [2009.12.01 17:52:12 | 000,036,864 | ---- | C] () -- C:\Windows\uinst001.exe [2009.10.15 14:15:35 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.09.24 14:03:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.24 14:03:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.08.10 21:33:10 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.08.10 21:33:10 | 000,138,056 | -H-- | C] () -- C:\Users\Ricardo\AppData\Roaming\PnkBstrK.sys [2009.08.10 21:32:57 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.08.10 21:32:50 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.08.10 21:32:46 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009.06.24 20:27:15 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{203ABEFF-3C0C-4603-8DED-363B50D295EE}_sta [2009.06.24 20:27:12 | 000,000,857 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{203ABEFF-3C0C-4603-8DED-363B50D295EE}_prof [2009.06.13 19:53:53 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{5C4DED7A-A9EC-4E78-A159-6EA8A6C68109}_sta [2009.06.13 19:53:43 | 000,000,856 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{5C4DED7A-A9EC-4E78-A159-6EA8A6C68109}_prof [2009.05.29 21:18:42 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll [2009.05.29 21:18:42 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll [2009.05.29 21:16:14 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys [2009.05.29 21:16:14 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys [2009.05.04 15:28:16 | 000,000,859 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F1FB4F9C-7684-4DD9-8541-DC861C626D43}_sta [2009.05.04 15:26:47 | 000,000,855 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F1FB4F9C-7684-4DD9-8541-DC861C626D43}_prof [2009.03.30 13:38:55 | 000,048,128 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.03.29 16:45:07 | 000,001,500 | ---- | C] () -- C:\Windows\eReg.dat [2009.03.29 16:20:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009.03.07 06:26:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.03.05 17:32:38 | 000,001,356 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\d3d9caps.dat [2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.06.20 10:00:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2008.06.20 09:09:17 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.01.21 10:21:25 | 000,770,304 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 10:21:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 10:21:25 | 000,183,176 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 10:21:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.02.07 19:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini [2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:44:53 | 000,397,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 12:33:01 | 000,724,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,153,850 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.06.07 15:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll [2006.03.07 13:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll [2006.01.10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll ========== Files - Unicode (All) ========== [2010.10.26 15:36:42 | 000,000,000 | -H-D | M](C:\Users\Ricardo\Documents\?? ???) -- C:\Users\Ricardo\Documents\넥슨 플러그 [2010.10.26 15:36:42 | 000,000,000 | -H-D | C](C:\Users\Ricardo\Documents\?? ???) -- C:\Users\Ricardo\Documents\넥슨 플러그 ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:264CCFA4BBACBB5E < End of report > Geändert von NiCeOnEEE (15.04.2011 um 11:38 Uhr) |
15.04.2011, 11:39 | #5 |
| C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme OTL Log 2.OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.04.2011 12:20:18 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ricardo\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,48 Gb Total Space | 258,08 Gb Free Space | 56,66% Space Free | Partition Type: NTFS Drive R: | 10,28 Gb Total Space | 6,22 Gb Free Space | 60,51% Space Free | Partition Type: NTFS Computer Name: RICARDO-PC | User Name: Ricardo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02EA207B-F72F-40B3-97BC-E225897E7401}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{09E713D8-C811-4E2A-ACB2-3AD57F64BEE2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1CBE69B3-4E0A-4FA8-8244-C5C2D7E76EA7}" = rport=138 | protocol=17 | dir=out | app=system | "{244F93B6-AE54-4359-8581-B1D5091A6356}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 | "{274C36B7-02A5-4B4C-867D-25FD95A1B375}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{281174FD-4852-48D6-98E9-5083646D239C}" = rport=137 | protocol=17 | dir=out | app=system | "{363813DA-BE5E-4835-B97C-23B13C89654B}" = lport=138 | protocol=17 | dir=in | app=system | "{3F33EA9F-65AB-4224-90AC-9B6C5AB67C37}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{46B03512-8F92-4A95-8441-9F90275A95F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{48677201-B5E9-4E22-A4D6-69EE571B3EFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5EB7FB9F-B2CF-419C-BBAA-81A810A0C637}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{711E4D9F-C3AC-4F39-A25E-4C80DBE9342F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7750CD8F-0A17-40DB-8C07-E9A3C2C16A88}" = rport=445 | protocol=6 | dir=out | app=system | "{814F07B5-5D1C-4B23-9F3B-35227793E65F}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{8330935E-66EF-4985-B072-51918DE2C73B}" = lport=445 | protocol=6 | dir=in | app=system | "{896C5775-6D61-45AC-A374-79264F8AD01C}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface | "{A0BEB53D-E82D-485D-B1EF-E948DD445563}" = lport=137 | protocol=17 | dir=in | app=system | "{B0226A7E-66B4-4DE0-98B5-2E83CAA40DB6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B5034464-8680-4E54-85B3-0F16EE57874B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{BD0741CC-8BEF-4741-A487-083FDF66F2B0}" = lport=5938 | protocol=6 | dir=in | name=teamviewer | "{BFFF02DB-A4C9-4AB1-8DDF-3B786B1F4775}" = rport=139 | protocol=6 | dir=out | app=system | "{C73CB631-A37C-43C3-85D0-69963B26EA5C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CEA725AF-E156-4427-8B00-A104B7DE86A1}" = lport=139 | protocol=6 | dir=in | app=system | "{DBCA8294-15ED-4FA1-941C-1010ACCBF364}" = lport=49168 | protocol=6 | dir=in | name=akamai netsession interface | "{EFCD033B-BF93-43E8-963E-33DE6E29FFBA}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{FE4EFE4B-246A-45D5-B2BA-3B461BF7EAA6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0123BC74-8478-402E-9065-B09841C0C6B7}" = protocol=6 | dir=in | app=c:\blackshot\blackshot\system\blackshot.exe | "{0131DC15-A7AF-40EC-9890-66432C38DB1A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{020EEA3B-BF65-4B84-8073-F1807F3CCE4A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{04648381-5C3E-4C42-B885-25343B9E716B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{049D2303-C14B-495D-8A88-CAA0D0CA9160}" = protocol=6 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe | "{05893A7C-9C21-4DDA-A364-47C7CC942758}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{05CB0241-2487-4CAE-B5EE-3A1D6EFBDC3C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{05E62F01-8F2A-4171-A5A1-94A1D1240188}" = protocol=17 | dir=in | app=c:\windows\system32\lxczcoms.exe | "{0632AAA9-A4AC-4D17-AE6C-A9067DA9A3BB}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | "{063E60FE-33DD-4A07-84CE-A1923BB8A0D5}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | "{07BDF846-2073-48CA-8C30-CF95B92A0E07}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{08F6DEA3-F483-4A9E-8E05-EAA885213CF6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{097CE863-268E-4E6C-876E-E5D0640FD6A8}" = protocol=17 | dir=in | app=c:\maxga\snowboundonline\run.exe | "{0BE553A9-014C-4A91-8B31-5E366C808DC7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0C240E61-44E8-4684-8142-722A2D9F456F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{0C89D5C9-805F-4A8C-9804-672B13A8AAD0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0DED8314-D3CC-46ED-AF86-F54A795D4D11}" = protocol=6 | dir=in | app=c:\windows\system32\lxczcoms.exe | "{0E30E926-B98D-4F7E-9AE3-35CEAEB5F3AC}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe | "{0E5DCED6-D6EB-49E7-9A23-1780D6F8EAD6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{0FE9E892-FCD1-417C-B285-B33E37561555}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1027DD4F-FEFB-4EAD-8D63-0AA49505F88D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1165F33D-F936-4128-BF22-AF0D4316A4A7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{180FA74F-0A20-4990-98B2-6C0C83235FE6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{188A4EF0-2841-42BC-BB1C-FB97A435B9CE}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{1AFAD52E-14A7-4BF5-80F2-84DA68F9D76A}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{1C918809-8A67-484A-AD29-3DDB4E808348}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm | "{1E5ED4A9-4475-4549-A2F5-454C06954261}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{204E13D3-D283-4D3A-B777-A80C6BC86C95}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{2072B412-A902-4F99-8D18-492C70F8E068}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{20B2F26C-318A-4456-BF51-8E4E894A0513}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{2271BC41-1935-421E-ADC6-5683C00B267C}" = protocol=6 | dir=in | app=c:\program files\blackshot\blackshot\system\blackshot.exe | "{24655281-7D91-4039-9D31-12024628E557}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{246A339E-0C1B-4D4C-BBE3-F6C053414A18}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{24B0E722-CF5E-4CDE-A3B4-C0012FD8F740}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{272EAAC3-5A76-4400-9717-6B5F0300E2BC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | "{29BBAD06-16C5-4D9A-A628-D0AD6F7FA130}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{2A2D641E-28B8-434A-B6CB-E42976415D25}" = protocol=17 | dir=in | app=c:\program files\blackshot\blackshot\system\blackshot.exe | "{2ADDC2AE-A0C3-4092-8452-619EB7B8BA4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2AF8FA92-5AE8-4AF3-B20C-D0A4CB05194E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2B3757B3-75E1-43F3-A13B-C66135F44368}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2C668B8E-4CF0-4D8A-B08A-1864012F5651}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2F7CF1CF-E9E6-4EF1-9B4F-162CC2E17630}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{30409FF4-FB90-41FD-BB85-2E4EF127EC40}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\rasor23\counter-strike source\hl2.exe | "{30A22B4F-AB34-46D3-BAD9-E88CB9816BDE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{31018566-64EA-40D2-B903-6C2781024ED4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{32819504-4F53-42F0-8AA3-CE6CB762E759}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe | "{358C1382-4561-409C-B46F-8FC07B970CAC}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{36D13D24-30CD-449F-977D-A0F2D43EF2E6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{375DE26E-67A1-4C5E-9F90-4EA269050710}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{37BBCFD9-4FCF-4F06-A7D8-BFFEB57D23CF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\rasor23\age of chivalry\hl2.exe | "{3A416DA1-B7A2-479C-B48F-B7C85943F41D}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{3A718332-9326-4AE0-A4ED-8DF68BE7CC9E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3D1A4117-BF11-41AE-8680-427C4FF6FC1A}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | "{3D648975-2722-409E-9559-407D5BC4FD6D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{3E3B63FF-6AFC-4B37-A837-19A06447C83B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E662771-9113-4996-9DE5-804FC6AD75DC}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe | "{3EBD33E8-E256-464A-9349-B1ADA81A020C}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{3FE4D76C-AB28-415B-A08A-844447BDCB95}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{456A7A13-B1D5-48FA-B1F1-6CC49323BD82}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\rasor23\garrysmod\hl2.exe | "{48F63B89-A661-46DD-9955-B50C7ADDDFF3}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | "{4AF8D54B-AFAF-4291-AAFE-D983E8A5C234}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4C8A34C7-D714-4404-8681-50A7453BD252}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4CC483E9-306B-4F8E-8E42-FBABF5D8EF30}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4D472ACC-52B8-427E-A137-88D5FCB8C3C2}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{4DE7E4FC-0DB7-4D71-9510-A306EDF547A9}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{4E4C9832-0ED4-4E47-968F-56B126C08735}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4FB6B078-0962-4347-8D80-B0199A8A4502}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "{50AD4DD6-9728-447C-9C1F-7510C35CD022}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{50B1F21D-68B8-4410-B5A8-527F00A5D0C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{50F5A4E5-25CB-4E89-9D84-65D65C624DBF}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{55024E37-16BA-4965-BA82-1BE76C9451DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5513BABB-6EBE-4752-A20E-1339E632AA26}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{56056C99-DD39-4256-9E53-19495CFE97C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{577B2D48-537E-4328-9651-175E973B83E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5887670F-4660-4BAD-8260-E02865A57C4D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{59362616-F0B9-474D-AB3D-A46F5D7B69B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A05E0F9-88CF-4967-A5A8-E365AE25E426}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{5B0D48CC-AF74-44F6-81C0-A148A6079337}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5B0E20A5-AD51-4A0B-8527-28208D3FE5D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5B106CB6-5932-4CF5-9899-40715BB08EEE}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{5D24CD8F-59B2-4C66-A4FB-7DA63F7A490B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{5D3779E0-A254-4E5C-B595-9EBDD87680D0}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | "{5D7347C3-245B-4EF0-8817-16EDAC190904}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5FD31AEB-6C7E-4B4A-BDAE-9797435AAE35}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{608F90D0-2BB1-4EC4-A6CF-B1E7CF53E125}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{619F14A1-FF32-4E55-B68E-12D83C5A0AA0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6305FFA2-FBF8-43BA-888A-7F428E603A9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{632582D2-315D-4844-B2ED-C13552BDCFBB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6827A376-B650-4E0E-8B5E-4C033BEC452A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6864A19D-61A7-4FDC-872E-F8BA0DF2368E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{69AC1D41-E6A9-4F9C-99F9-AEBD08223CB7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{69C2EC3B-AC09-44C6-A582-E041DB93915D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{6A230566-BC94-48F3-BA86-0642019C97F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6D6A9C55-30F3-466B-B0E1-B142F48371D8}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | "{6E50AF17-A59A-4308-AF0F-933194918A5B}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{735C7A90-0186-4E8B-9F10-066B5386C8EB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{7469F6C2-29AD-493F-B8FA-75E00FC556DB}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{7516478E-A9AB-4022-AF55-7E029CE97F8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{79AA1D30-58F1-45DB-A8E2-6525C8D09046}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7AA449A0-D6F6-4073-8822-1C4BD1A244A6}" = protocol=17 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe | "{7C02EDA6-8B96-4A7E-8E19-DE3636C16B8D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{7C1DC3AB-6A25-4B6B-9EAC-9FF6F654B480}" = protocol=17 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe | "{7CAFD257-5002-454A-9FA3-0CA7A4EEAEC0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7D46AC73-9B38-4940-8797-F7D55561C09D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7E1133B3-5E8A-4584-9D80-757C11C9F5F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7E776AF0-DB18-4B20-B02D-54CCF4825B3F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{7EFABB13-002B-4BDE-AF75-B6278F4C17D6}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "{7FE9ED4D-A0AB-4141-B648-AD5EE762CD01}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "{7FEB32F5-E752-4C5D-9B48-44B4FC0D3B5C}" = protocol=6 | dir=in | app=c:\program files\z8games\crossfire\cf_g4box.exe | "{80BBD211-EAB5-4318-8F38-E0D6664719C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{80C51813-DF52-4831-9FF4-A8FF61E4E7BC}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{82513328-55FD-415E-B2B9-056A46DF2FF1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{83C41F3F-B003-42F3-AA00-5A7BAAC5948C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{84472148-45DB-4092-93DC-6522073E7101}" = dir=in | app=levelr.bin | "{863A632C-B4B0-496F-A753-0DE35DF76342}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\rasor23\age of chivalry\hl2.exe | "{86A8C909-FC91-4B84-B722-D7C2EDBE3F34}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | "{883A6E24-2BD9-459D-B266-E0FA01846B42}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{88CDB1DE-3C0A-4492-B4B6-3F71A50D495F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A40457C-1370-420B-81DC-5EA5526DAB4D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8FD7D5B8-F1B3-481A-9458-2F69D9619E52}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{917D58D9-21FA-4150-9C91-6C18015B2665}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{94702976-AFFD-49EE-A098-4FF490E7DBBA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9482847A-F96A-40CC-9C15-7AAF2CA31223}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{94DEE60A-AB9C-4D32-AC15-6DCDD60EA639}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{95D7247B-B0E3-4292-AF92-8C23E44C612A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{988B5110-D84F-457D-B244-1E2ED88CED4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{98E1DEC1-1D79-4854-974E-8C86C55A211D}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{99260326-B453-48B6-BD33-9058370F0A58}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{99718125-E6D2-47FB-82CB-0ACC1EED7EDD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9BA37F0B-AD27-4650-AAD5-405544F20B1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9BFE8F54-C40F-48DE-ADF5-B3A0F8A4FBD4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\battlefield 2\bf2.exe | "{9C85E720-1CF0-4F66-A539-DD301E5AA39F}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{9D0ECE0B-8CE5-41AA-9CB1-9A5B29ADB339}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9D116A15-DEC3-4ABD-94DC-6B249C3E691C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9EE9D535-8574-4B41-B084-76239EB35D5B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A0FB8F00-1062-4551-8BCD-ACAD2A358B0E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A18377AA-42FC-497F-8385-5D9AB31F8B07}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{A461010E-6D22-4DA7-BC03-5E980EACB709}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A5341FF9-F2AF-430B-B3D0-7DAD5678BBDD}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{A56EA5BE-E8E8-4408-B410-21E3EE001B71}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{A75019FE-1800-4391-AE8C-1D34F713A7FC}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{A85F8E10-0D9C-4C11-99BF-0F0BB4AB96EA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AD5B771A-35BF-4A82-8FB7-53D5AE258252}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AF11223B-6483-427F-883F-440655FEC8EA}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe | "{B1607F93-0013-400A-B564-D169E6FBF8BB}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{B229EA37-E470-4AAC-BEC2-F3D1DBCD17EE}" = protocol=17 | dir=in | app=c:\program files\z8games\crossfire\cf_g4box.exe | "{B23752A6-3013-4A4B-B11D-24FB1B4EAD91}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{B2892BBD-C9E6-4D11-B6A6-32EE66155846}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B395C36F-D902-403F-AC1B-C530EB5BD470}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B3965519-AA18-444A-993C-C32D474D7014}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B44873CB-8A46-4F61-8988-0F8ECD64E43B}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | "{B5875A25-E92C-41BA-8352-AF3988AFDE98}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{B731E589-0A95-4AFC-9353-ACBDEEE42904}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | "{B741C5A2-BB1A-4528-A5E8-44AFCC5818F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B7F318A4-84F0-4C42-9D34-A453D931D667}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{B9987619-961A-443D-BD30-1C0E506D6712}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BB3FBC00-B9A4-4723-80B6-8273A4BF51AE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BBD19A97-44D8-4DDE-901E-4546D69CD487}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{BC1E61EA-7D67-4471-9F5E-1C94CBB71845}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | "{BC6689D6-E8C0-41BA-9CBC-8F0305B008CF}" = protocol=6 | dir=in | app=c:\maxga\snowboundonline\run.exe | "{BC96794B-3DA3-44D8-8FB8-6CE21DF8AC21}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BDDA2DBB-B3C2-48C8-8EAA-0276F866BC5D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{BE77F793-2106-4597-92E3-43A37AB0345D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BEB65AE7-824A-477F-A897-CF23D2BAC112}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\rasor23\counter-strike source\hl2.exe | "{C32B0B9D-C333-4BB9-B7E6-BDB76C34F28E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\rasor23\garrysmod\hl2.exe | "{C410FE6E-68CF-48F1-8794-24672D344888}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{C4595F41-D0A2-48D7-9303-90C381F2C8B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C5D8B920-1EED-499C-8766-28DF4731739A}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{CC5A32D6-726E-459D-A344-A80E16F01C4B}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{CC8157C5-8D3E-4C2F-8279-8C16D58F0AD6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{CD4146FE-0035-4E0B-99BD-29ABA5E3E5F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CDC7D1C8-FA31-494A-BEAC-5B183A0A8BE6}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | "{D2BD23A2-C958-4FE3-949E-FE15655A1374}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D31175BC-D7AD-45E5-B8E0-091297ACA2E9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D4470699-D21A-4B11-A2E3-7C6B4399E1EC}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | "{D47C2B71-34E8-4123-8568-C5172FE57F9B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{D517B91F-C3C1-47F3-9231-F4CE00B81CC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D6857C36-542F-4A54-A623-C85379CEDA12}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D699AD9A-44BB-4726-A02A-BFEC53249332}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | "{D8FF62A6-C134-47A5-952C-F7DCE943B9AD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm | "{D9FD1AC5-7EA3-4FC4-A6DC-D9AF3259742C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DB20FC78-737E-4D11-A079-C65C31185A53}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{DC8FC8F1-5B8D-409A-84D7-95A7B91D7BF8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{DD124F94-76AA-4DCF-B8FE-E171BEBA4273}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{DD74084F-9028-4EA2-A595-C77FAE7CD627}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E037988D-6C63-46DD-94A6-C548088B6840}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat | "{E19F6D48-870B-42CD-88CB-D3EFD290020F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat | "{E3C5E293-D85E-4B09-8865-520FFEC4B921}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E44858A2-C6D0-4CA6-B8E0-EE881CAAF8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E50029A1-7B1B-4774-8A46-8CB6E409D683}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{E5725ED7-8EBD-4764-BCAC-A3F332069549}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe | "{E59F82FD-D7C3-461A-B127-C12898077B8D}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{E6E22F2F-952E-45AA-9EE7-009B2FA4E284}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E8347656-ECF6-4EB4-B76D-4E6C8F07FC7E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EC81F3E9-09EC-484E-A39A-B482A161EC5E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ED894EF2-2B75-4589-8039-8E4BEA8CE147}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EE9C30D6-C62C-4A9C-9DBC-1F3436A72380}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F1455018-3167-41B0-850A-C49FEA2D8C02}" = protocol=17 | dir=in | app=c:\blackshot\blackshot\system\blackshot.exe | "{F25F2155-B303-4A44-B764-0997D1A71481}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F37A161D-05BA-4091-9105-F938E8783D28}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\battlefield 2\bf2.exe | "{F5989C2D-D2A2-4871-A8F9-DAFCBB51DA21}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{F5DF563B-B873-4C18-84FC-2BB0CEFC43A5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "{F6BC8D62-C7E4-42E5-B0B2-C600A0C8BE42}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F97C4B78-B432-4829-8DAD-B9C138CDE4DD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FAC12000-25D8-493A-8020-DA0F8BA283FE}" = protocol=6 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe | "{FEC61996-5395-45A0-9086-E6772DF4817F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{01421C3C-DBC6-4CBD-807E-2E1AA3A08493}C:\program files\serverfiles by peridor\portmap,hamachi\portmap (2).exe" = protocol=6 | dir=in | app=c:\program files\serverfiles by peridor\portmap,hamachi\portmap (2).exe | "TCP Query User{029A4974-7BC8-41EE-BE9A-655BA3D8F8F0}C:\program files\longju\mc.exe" = protocol=6 | dir=in | app=c:\program files\longju\mc.exe | "TCP Query User{038F27A4-99D1-44ED-8983-675CA9715CA2}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\6. cacheserver\6. cacheserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\6. cacheserver\6. cacheserver.exe | "TCP Query User{045348DE-F71E-449A-B9E3-AB7979C8FA15}C:\users\ricardo\desktop\flyfornations server\program\3. coreserver\3. coreserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\3. coreserver\3. coreserver.exe | "TCP Query User{06792FD6-A1B9-432C-97AA-C2AEF0AC514C}C:\program files\darkdaymt2\mc.exe" = protocol=6 | dir=in | app=c:\program files\darkdaymt2\mc.exe | "TCP Query User{113E6CEE-0F54-4308-9D36-EE415D0AA6DC}C:\users\ricardo\desktop\flyfornations server\program\6. cacheserver\6. cacheserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\6. cacheserver\6. cacheserver.exe | "TCP Query User{12EDF4A5-9066-4699-AFAF-507441F24794}C:\users\ricardo\desktop\flyfornations server\resource\2. databaseserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\2. databaseserver.exe | "TCP Query User{1648A136-FE08-4B15-9197-EAE340312156}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "TCP Query User{191400F7-5AE9-42E2-BCF0-2D559072A246}C:\users\ricardo\desktop\v15\program\accountserverv15.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\program\accountserverv15.exe | "TCP Query User{1C592545-63D5-48F4-955D-94513830BAC0}C:\program files\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=c:\program files\cossacks - back to war\dmcr.exe | "TCP Query User{20688A2D-C429-40FA-A650-A330DDDA95F0}C:\users\ricardo\desktop\flyfornations server\program\5. loginserver\5. loginserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\5. loginserver\5. loginserver.exe | "TCP Query User{2332EF30-77CB-4CB7-889E-CF5166069A64}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\5.loginserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\5.loginserver.exe | "TCP Query User{26886086-B891-46F3-89CB-25AB66A00CAC}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7.worldserver_ultimate.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7.worldserver_ultimate.exe | "TCP Query User{27820495-B5E8-4E7C-A8C4-ACEC9CB1C3B4}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\4.certifier.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\4.certifier.exe | "TCP Query User{27FD66C5-6008-433B-B433-64119933EF4C}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{28A000F4-6EDB-4DBE-A80C-15DF1E7001EE}C:\program files\teamspeak 3 server\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\program files\teamspeak 3 server\ts3server_win32.exe | "TCP Query User{302C7386-3130-462E-8D5B-AD93984D73F3}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{32A89939-3302-4CF3-A74F-3C5E97DDF71A}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{32F226AB-16CB-4C93-91AD-C4A54880FEFF}C:\users\ricardo\desktop\longju\mc.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\longju\mc.exe | "TCP Query User{33C5D6D6-8572-47CE-B8CE-12C26467593D}C:\program files\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.bin | "TCP Query User{359E1B58-DB50-4937-BF14-8B9D62D3F994}C:\users\ricardo\desktop\v15\program\cacheserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\program\cacheserver.exe | "TCP Query User{35E2546E-F4F9-40B2-9C19-C47DF605ED96}C:\users\ricardo\desktop\flyfornations server\program\1. accountserver\1. accountserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\1. accountserver\1. accountserver.exe | "TCP Query User{363B1702-9110-4435-A4F9-276995A8E3F6}C:\users\ricardo\desktop\antihack\packetfilter.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\antihack\packetfilter.exe | "TCP Query User{391CA141-C7CA-4AA5-880D-E44A1358C471}C:\users\ricardo\desktop\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\xampp\filezillaftp\filezilla server.exe | "TCP Query User{39EF20B1-55DB-4346-82CF-79B94EE0F9AD}C:\users\ricardo\desktop\longju3\1_longju3.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\longju3\1_longju3.exe | "TCP Query User{3A476BEB-64B8-4D12-BB1F-429FECD3DE8F}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{3AA43E4A-21A9-4791-A159-25CD2AEF2026}C:\users\ricardo\desktop\black-revolution2\black-revolution2.bin" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\black-revolution2\black-revolution2.bin | "TCP Query User{3B4C6B91-58D4-47D3-87AD-50D5C11E6971}C:\users\ricardo\desktop\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\xampp\apache\bin\httpd.exe | "TCP Query User{3C64A483-9551-4E44-B1F3-9DF74E5A672B}C:\users\ricardo\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ricardo\program files\dna\btdna.exe | "TCP Query User{3F011BD0-A9ED-4F52-A3BF-CF15D65602AA}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\2ter channel\resource\7.worldserver_ultimate.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\2ter channel\resource\7.worldserver_ultimate.exe | "TCP Query User{40BCE0A4-8DD0-4A80-8B98-DF2103EFB0CC}C:\users\ricardo\desktop\grid\grid.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\grid\grid.exe | "TCP Query User{411EAF3B-6020-4FED-8548-66673C9E788D}C:\users\ricardo\desktop\antihack 5.3.2\packetfilter.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\antihack 5.3.2\packetfilter.exe | "TCP Query User{41C32292-0044-4F35-8361-AC3294BC87EE}C:\users\ricardo\desktop\server\portmap.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\server\portmap.exe | "TCP Query User{425649C6-D3AA-4DC2-BB88-B041F171C111}C:\users\ricardo\desktop\v15\resource\databaseserverv15.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\resource\databaseserverv15.exe | "TCP Query User{429D81BE-1BE8-4C50-8428-7A8EE965C460}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{473C489D-AEA2-419A-89F4-CE6AF5AA5A42}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\2. databaseserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\2. databaseserver.exe | "TCP Query User{4FCEAAA7-44AF-491F-8587-F5F215A7BC33}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\6.cacheserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\6.cacheserver.exe | "TCP Query User{500AD944-5B6C-46E1-81BA-A19CEA546353}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\1.login.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\1.login.exe | "TCP Query User{52880C2F-AF8B-406B-A628-26B6251A4C33}C:\program files\sierra\swat 4\content\system\swat4dedicatedserver.exe" = protocol=6 | dir=in | app=c:\program files\sierra\swat 4\content\system\swat4dedicatedserver.exe | "TCP Query User{57CD3D6C-3B91-4C18-B3E5-D379BB1D3BC0}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\worldserver_levelcap_200.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\worldserver_levelcap_200.exe | "TCP Query User{587D1BDC-524D-44E8-A4C5-90D6D9DE723B}C:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_nomapkey.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_nomapkey.exe | "TCP Query User{589102D5-19BA-4262-8D1D-F8E513BB9C54}C:\program files\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | "TCP Query User{5A801492-B979-4150-A30A-89A9FCF4F7DB}C:\users\ricardo\desktop\v15\program\certifierv15.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\program\certifierv15.exe | "TCP Query User{5ABBBE3C-D4C6-4C96-98F4-56FBAAB67D56}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\3. world server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\3. world server.exe | "TCP Query User{5B19493A-F303-44AA-BFE4-787D31DD5531}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\3. world server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\3. world server.exe | "TCP Query User{5D563962-96C7-4CF1-86D2-6C7A8C2DE722}C:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos.exe | "TCP Query User{5E1DD6BA-A97C-473E-9FAF-A6994172299E}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\3. coreserver\3. coreserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\3. coreserver\3. coreserver.exe | "TCP Query User{5E4B1D11-1413-4A5B-B342-0F7FBDFA0760}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\1. accountserver\1. accountserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\1. accountserver\1. accountserver.exe | "TCP Query User{5E7D66B0-679C-4D2A-9A45-FE0F6209C73C}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\2. char server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\2. char server.exe | "TCP Query User{5EAAFDF1-6C98-485C-8C23-B691D32431E2}C:\users\ricardo\desktop\metin2_germany\metin2.bin" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\metin2_germany\metin2.bin | "TCP Query User{5EE3261D-DF3C-48B1-BF23-4B64717F9461}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | "TCP Query User{5EFA0A9B-F66D-4332-8767-557745E473E7}C:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\2.databaseserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\2.databaseserver.exe | "TCP Query User{61B249D8-B988-4109-B10C-4826FCD6159C}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{61FC1720-7E44-45EA-BC1A-391ECB9633EA}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\3.coreserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\3.coreserver.exe | "TCP Query User{63F93297-4F70-499C-BBA0-2E779B738A28}C:\users\ricardo\desktop\p server\portmap.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\p server\portmap.exe | "TCP Query User{645ABC11-E3F0-4977-809C-522653BE2846}C:\program files\warsow 0.5\warsow_x86.exe" = protocol=6 | dir=in | app=c:\program files\warsow 0.5\warsow_x86.exe | "TCP Query User{649ED0EF-EAF4-4543-9B01-608486935728}C:\users\ricardo\desktop\flyff\neuz.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff\neuz.exe | "TCP Query User{6532BA9E-A711-4083-A141-ECF9592AB509}C:\users\ricardo\desktop\flyfornations server\resource\7.worldserver_ultimate.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7.worldserver_ultimate.exe | "TCP Query User{67CE7E9D-28D5-4F20-BE71-44D64816C695}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\3.world.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\3.world.exe | "TCP Query User{685D19EF-4F4A-4709-A0C3-67BF266D3E7E}C:\users\ricardo\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.001\cf_downloader.exe | "TCP Query User{694BCC07-D2C6-4E47-98B8-B0B84FF6002E}C:\users\ricardo\desktop\flyfornations server\antihack\tomsantihack.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\antihack\tomsantihack.exe | "TCP Query User{6985ADA9-A736-4540-8A5D-AC92CD6A22AE}C:\pacsteamt\steamapps\pferdwurm23\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\pacsteamt\steamapps\pferdwurm23\team fortress 2\hl2.exe | "TCP Query User{6A05560C-ADA7-4FBE-AB26-DB0AFB682F04}C:\users\ricardo\desktop\packetfilter.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\packetfilter.exe | "TCP Query User{6DC4DEAA-9658-4662-9EA0-501CE321EE94}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\1. login server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\1. login server.exe | "TCP Query User{6DF4CF70-68AE-4085-8C7F-5DBBC4829A04}C:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\mysql\bin\mysqld.exe | "TCP Query User{6E29FD71-3D46-4F33-A8F5-23BEA3BDC92E}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{70CFF4CE-508E-4E12-8902-261C4ED647F6}C:\program files\metin2_20091009\mc.exe" = protocol=6 | dir=in | app=c:\program files\metin2_20091009\mc.exe | "TCP Query User{70DAB42D-A91D-4835-9A78-1311BA09CD81}C:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\7.worldserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\7.worldserver.exe | "TCP Query User{70DABBD2-19F5-494A-A9D1-EFCEC7176942}C:\program files\valve\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\valve\counter-strike source\hl2.exe | "TCP Query User{7246495F-9194-4CF4-B59E-028DCB8E461B}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin | "TCP Query User{727C7939-51DD-46F0-8E4B-33AFC3B15BEA}C:\users\ricardo\desktop\server\2. char server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\server\2. char server.exe | "TCP Query User{72F2F1A0-A223-450B-A81D-F3C7ECD126A1}C:\users\ricardo\downloads\programs\paketeditor by yannickmama v1.1.exe" = protocol=6 | dir=in | app=c:\users\ricardo\downloads\programs\paketeditor by yannickmama v1.1.exe | "TCP Query User{7356B570-AA29-4F4B-9704-AF744D2DF4A2}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{757650F6-AD8B-450B-A2CB-34CCBD73BDD2}C:\users\ricardo\desktop\cf perfect title deserve\hl.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\cf perfect title deserve\hl.exe | "TCP Query User{765E4CBE-EEEE-469D-9886-76400938770A}C:\program files\metin 2 p-server\angelzmt2\mc.exe" = protocol=6 | dir=in | app=c:\program files\metin 2 p-server\angelzmt2\mc.exe | "TCP Query User{77CAAAA8-BD52-439E-93A0-1EAC1F792C43}C:\execution\portmap\portmap.exe" = protocol=6 | dir=in | app=c:\execution\portmap\portmap.exe | "TCP Query User{7A363AF3-B577-47DA-B815-B88E00E41574}C:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe | "TCP Query User{7EF034B4-3137-41AD-B92A-FE93EC0B5F1D}C:\users\ricardo\desktop\server\3. world server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\server\3. world server.exe | "TCP Query User{7F31EB24-94FF-4D5A-BEBF-BF195A1E2046}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\4. certifier\4. certifier.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\4. certifier\4. certifier.exe | "TCP Query User{8619B87D-9DE7-4075-A136-0B2154BBDE4F}F:\longju\mc.exe" = protocol=6 | dir=in | app=f:\longju\mc.exe | "TCP Query User{8B360244-FCED-4EF8-94A5-29103BF76294}C:\program files\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\program files\xampp\filezillaftp\filezilla server.exe | "TCP Query User{8F5D94E8-9E40-46B5-A3EA-E1ABE17CFFB4}C:\users\ricardo\appdata\local\temp\7zipsfx.002\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.002\cf_downloader.exe | "TCP Query User{90EA9689-263B-41F7-A287-F0F695192E05}C:\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\xampp\mercurymail\mercury.exe | "TCP Query User{90FA5C3A-9313-4917-8483-F2798E096216}C:\program files\ea sports\fifa 10\fifa10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 10\fifa10.exe | "TCP Query User{9126A1F7-BE06-413A-942B-B9E9F0608387}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\1. login server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\1. login server.exe | "TCP Query User{91FF09A8-0A18-4E00-A9D1-667572821A83}C:\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | "TCP Query User{97F42AED-415E-433C-826F-76981ABC9F2F}C:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos with mapkey.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos with mapkey.exe | "TCP Query User{9C222E99-D7FF-4FC0-B8B8-BAD408526163}C:\users\ricardo\desktop\serverfiles by peridor\portmap,hamachi\portmap (2).exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\serverfiles by peridor\portmap,hamachi\portmap (2).exe | "TCP Query User{9E5B80E1-9105-4575-82E7-5DB490BAE89C}C:\program files\grid\grid\grid.exe" = protocol=6 | dir=in | app=c:\program files\grid\grid\grid.exe | "TCP Query User{A47BA662-30E1-4A8A-BD00-9BBFB8AFC0B9}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "TCP Query User{A4D92F01-A0D2-417A-A734-B876E825BC22}C:\users\ricardo\desktop\skype.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\skype.exe | "TCP Query User{A5E78E5C-4244-4912-9634-FB0282F76E50}C:\program files\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty 4\iw3mp.exe | "TCP Query User{ACF6847E-1121-42CE-8DF3-9B8811F9BC85}C:\users\ricardo\desktop\v15\program\coreserverv15.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\program\coreserverv15.exe | "TCP Query User{AF26C4B8-FE4A-462B-AC25-D650F52A1721}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\2. char server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\2. char server.exe | "TCP Query User{AF66476A-02BE-4294-8AE7-47AC9282DCEB}C:\program files\call of duty 2\cod2mp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty 2\cod2mp.exe | "TCP Query User{B10A12CE-D8BB-49FB-9E4C-0131150BD6A3}C:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\apache\bin\apache.exe | "TCP Query User{B2F2A709-778D-49E9-81DE-64A76B6EF6F1}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "TCP Query User{B3375188-CC31-41C7-A9DA-8CE7F9E5B60C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{B3400E70-63C9-44BB-BDFD-805E0C51DB8A}C:\users\ricardo\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ricardo\program files\dna\btdna.exe | "TCP Query User{B3932069-1DBB-4F21-9A22-74DC4C47301E}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe | "TCP Query User{B497466F-9195-41A3-B1CB-DED11F0F44C9}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "TCP Query User{B5907ACE-4053-4E48-95E4-75DE23D9E72E}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7. worldserver_mapkey.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7. worldserver_mapkey.exe | "TCP Query User{B6D6AC47-D8EA-4888-8BDC-CA6F3CFFA260}C:\program files\ubisoft\far cry 2\bin\fc2editor.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "TCP Query User{BAEEABB9-A7B2-4616-9D4C-2D7E8D40F457}C:\users\ricardo\desktop\saints row 2\sr2_pc.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\saints row 2\sr2_pc.exe | "TCP Query User{BBAF23C2-0823-4331-89D4-B670B645FA87}C:\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe | "TCP Query User{BCED0CF8-CB11-4E9D-ACEE-7DF01C6E0BFC}C:\program files\metin2_germany\germanserver3.exe" = protocol=6 | dir=in | app=c:\program files\metin2_germany\germanserver3.exe | "TCP Query User{BE5218A8-5AE9-4CBB-B1E0-8C5FA113493B}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "TCP Query User{C11F9C6E-A669-4850-A738-64A30E6C54B2}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "TCP Query User{C163EA01-CE46-47CA-9AD9-83B8B14EC7D4}C:\users\ricardo\desktop\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\xampp\mercurymail\mercury.exe | "TCP Query User{C27AF2EB-B128-4BDE-9F65-791158485B81}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\1.accountserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\1.accountserver.exe | "TCP Query User{C3654553-C3C3-498A-AAE3-133449F2C233}C:\users\ricardo\desktop\flyfornations server\program\4. certifier\4. certifier.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\4. certifier\4. certifier.exe | "TCP Query User{C38BDAD5-EC97-48B0-8FF6-DD6252D09CA3}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin | "TCP Query User{C478CF8C-D312-4D3B-9B1A-4554BB6D13E7}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\5. loginserver\5. loginserver.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\5. loginserver\5. loginserver.exe | "TCP Query User{C52CC5A4-4D23-4B6D-8E5D-A16AB9F3067B}C:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\apache\bin\apache.exe | "TCP Query User{C59674CF-CBD5-40DF-BB79-4A83E1E0A28D}C:\users\ricardo\desktop\v15\program\loginserverv15.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\v15\program\loginserverv15.exe | "TCP Query User{C784B370-5967-4716-A4FC-7E7BC9CBBACD}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "TCP Query User{C7C6EA0C-1D93-4653-A447-318C6C011543}C:\program files\thq\saints row 2\sr2_pc.exe" = protocol=6 | dir=in | app=c:\program files\thq\saints row 2\sr2_pc.exe | "TCP Query User{CA160FC4-9FC0-4C5E-90BF-193BA151CAC9}C:\users\ricardo\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=6 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.000\cf_downloader.exe | "TCP Query User{CC153780-AD2D-42BB-AE8B-EAD95DD4AA39}C:\program files\gamigo\levelr\levelr.bin" = protocol=6 | dir=in | app=c:\program files\gamigo\levelr\levelr.bin | "TCP Query User{CC5CF975-0339-4A3F-979C-E2997B8BDF6B}F:\longju\mc.exe" = protocol=6 | dir=in | app=f:\longju\mc.exe | "TCP Query User{CD1907A9-9BE6-4ECC-9AF7-CCB22FCE6F78}C:\users\ricardo\desktop\blackshotinstaller.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\blackshotinstaller.exe | "TCP Query User{CE773BCF-C1C0-4877-841A-E724CE6CD6CD}C:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\mysql\bin\mysqld.exe | "TCP Query User{CFC2D7A8-5261-45DD-8B85-EC682539DBD4}C:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_mapkey.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_mapkey.exe | "TCP Query User{D1248566-FF43-48DC-AFFC-45E5C96BFAE7}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{D321E203-4A6D-45F6-870B-8AA5E4ACEC4F}C:\users\ricardo\desktop\35\server1.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\35\server1.exe | "TCP Query User{D82D89CA-6281-45A7-951F-E8FF169657B9}C:\program files\darkdaymt2\metin2.exe" = protocol=6 | dir=in | app=c:\program files\darkdaymt2\metin2.exe | "TCP Query User{D9C7CEED-0B3F-4C14-9C01-E841D0A7D9B1}C:\users\ricardo\desktop\flyfornations server\antihack\packetfilter.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\antihack\packetfilter.exe | "TCP Query User{DA34EACF-343C-4952-96A7-FCE2ED47573D}C:\programfilesaeriagames\wolfteam\wolfteam.bin" = protocol=6 | dir=in | app=c:\programfilesaeriagames\wolfteam\wolfteam.bin | "TCP Query User{DCEFAB25-1F1C-4514-A043-4BFB66720216}C:\users\ricardo\desktop\longju\newmt2.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\longju\newmt2.exe | "TCP Query User{DD0D512B-C7F7-4996-9AD6-8A140D12FDE9}C:\users\ricardo\desktop\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\xampp\mysql\bin\mysqld.exe | "TCP Query User{DF55C3B9-1B69-448D-8364-36C33229AB7F}C:\users\ricardo\desktop\server\1. login server.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\server\1. login server.exe | "TCP Query User{E2E81035-89FC-4B1F-A1F0-5429BD9F2584}C:\program files\ubisoft\far cry 2\bin\far cry 2.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\far cry 2.exe | "TCP Query User{E3DB1B0C-A1E7-4F14-A25D-12A6DAA05591}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{E48434A4-01C5-4CDC-859E-6C1BCEC4EAAC}C:\users\ricardo\desktop\portmap.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\portmap.exe | "TCP Query User{ED57929A-D0D9-4BDF-B2CF-963CF2C43E8C}C:\users\ricardo\desktop\atzenmt2_china_ganz\mc.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\atzenmt2_china_ganz\mc.exe | "TCP Query User{ED71E43A-8707-4CB1-A92A-D1A320F9C942}C:\users\ricardo\desktop\modified-client_4.0\mc.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\modified-client_4.0\mc.exe | "TCP Query User{EF311B7D-98B5-4DC8-851D-B637058FC481}C:\users\ricardo\desktop\35\server3.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\35\server3.exe | "TCP Query User{F33174F3-70D4-4E96-A0B2-0242EE2B9202}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\2.char.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\2.char.exe | "TCP Query User{F42FCE60-FE87-429E-9EBF-717B2F83D6B6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{F65D8DDC-BE3F-4993-B524-DFE1840A3DD5}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe | "TCP Query User{F6F257AD-9302-4B7F-8338-8B1A540B3883}C:\program files\grid\grid\grid.exe" = protocol=6 | dir=in | app=c:\program files\grid\grid\grid.exe | "TCP Query User{FA406E83-4DFC-466F-A5D9-2966B3C2BE9D}C:\users\ricardo\desktop\sro_l6_full_client_downloader.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\sro_l6_full_client_downloader.exe | "TCP Query User{FBB109BC-81FD-475B-B7E5-841F0A6079A0}C:\users\ricardo\desktop\darkdaymt2\mc.exe" = protocol=6 | dir=in | app=c:\users\ricardo\desktop\darkdaymt2\mc.exe | "UDP Query User{017F84F0-980E-43AF-9952-1FCDD6E00625}C:\users\ricardo\appdata\local\temp\7zipsfx.000\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.000\cf_downloader.exe | "UDP Query User{050D88BC-BC00-413E-BB31-A6F4A8080281}C:\users\ricardo\desktop\modified-client_4.0\mc.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\modified-client_4.0\mc.exe | "UDP Query User{05FFBB62-4931-4D6D-80CD-852219A092D6}C:\users\ricardo\desktop\v15\program\loginserverv15.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\program\loginserverv15.exe | "UDP Query User{0648B7B2-06BC-4916-8526-A88770715C7B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{06692B11-C88A-42E1-8613-190A1268521A}C:\users\ricardo\desktop\black-revolution2\black-revolution2.bin" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\black-revolution2\black-revolution2.bin | "UDP Query User{07D71ED3-055D-4DF0-AA1F-6DB9AA6A75DF}C:\users\ricardo\desktop\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\xampp\mercurymail\mercury.exe | "UDP Query User{07E6F76C-84D7-46E6-91FF-D9DA81831F60}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\1. accountserver\1. accountserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\1. accountserver\1. accountserver.exe | "UDP Query User{0D80C3CF-4679-4117-AE34-406A3A249F26}C:\program files\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty 4\iw3mp.exe | "UDP Query User{1169CA68-4309-48D8-AD11-D8F1CEADBD5F}C:\users\ricardo\desktop\sro_l6_full_client_downloader.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sro_l6_full_client_downloader.exe | "UDP Query User{11F70817-989A-47A6-9838-C7B81C46A131}C:\program files\metin2_germany\germanserver3.exe" = protocol=17 | dir=in | app=c:\program files\metin2_germany\germanserver3.exe | "UDP Query User{136C512C-9FE6-4EC5-8C37-026DAA3911DE}C:\users\ricardo\desktop\server\2. char server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\server\2. char server.exe | "UDP Query User{139BFD99-9294-4A62-A10B-B7296656A48D}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "UDP Query User{16A3DCC5-B1DC-4DE8-AE31-B8DA475CD92C}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\1. login server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\1. login server.exe | "UDP Query User{1814AE32-58C1-4DF4-83DD-DB814997170C}C:\users\ricardo\desktop\atzenmt2_china_ganz\mc.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\atzenmt2_china_ganz\mc.exe | "UDP Query User{187B79B2-0FFC-47D0-8697-6911691DAE67}C:\program files\longju\mc.exe" = protocol=17 | dir=in | app=c:\program files\longju\mc.exe | "UDP Query User{19FBBCF3-2134-4A7A-B240-88495C9C0961}C:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\mysql\bin\mysqld.exe | "UDP Query User{1C344C49-BD3D-4F29-BB61-CE4B19CAED09}C:\users\ricardo\desktop\flyfornations server\program\5. loginserver\5. loginserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\5. loginserver\5. loginserver.exe | "UDP Query User{1D04B175-160C-46C2-82D4-21089C8A132E}C:\program files\ea sports\fifa 10\fifa10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 10\fifa10.exe | "UDP Query User{1F3409E5-728B-4F06-BED1-D7D4D8DC4435}C:\users\ricardo\desktop\serverfiles by peridor\portmap,hamachi\portmap (2).exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\serverfiles by peridor\portmap,hamachi\portmap (2).exe | "UDP Query User{1F64668E-4D7C-4D95-8C07-1B2BBC48B922}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin | "UDP Query User{2048A327-5DAB-44FC-9352-D3298D9C556C}C:\users\ricardo\desktop\35\server1.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\35\server1.exe | "UDP Query User{20743EE4-F265-4CCE-95E4-DFC4D8B7DDE5}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{27C7648D-835D-4CF1-A21B-DF2DC6D22362}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7. worldserver_mapkey.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7. worldserver_mapkey.exe | "UDP Query User{309E8D9E-1953-4BB0-8D93-B4E35443CFFC}F:\longju\mc.exe" = protocol=17 | dir=in | app=f:\longju\mc.exe | "UDP Query User{30F1F8A9-DCF9-4027-8BAA-556AD44B7C37}C:\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | "UDP Query User{313C8A59-8CD6-4243-B9F6-3EF79544A1DD}C:\users\ricardo\desktop\35\server3.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\35\server3.exe | "UDP Query User{357514E9-8F52-4760-8AEF-BBBEBF97CA92}C:\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\xampp\mercurymail\mercury.exe | "UDP Query User{370BD69C-0DDE-4F20-A96F-FC7EF0280258}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\2. char server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\2. char server.exe | "UDP Query User{39A1BEA8-94A5-408B-9BFD-7E121B9CFCEF}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\1.login.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\1.login.exe | "UDP Query User{42413E1D-F933-4608-B595-5AC3B4B6E30A}C:\program files\ubisoft\far cry 2\bin\far cry 2.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\far cry 2.exe | "UDP Query User{438F18EA-0380-4485-A5B4-192A7A427F32}C:\users\ricardo\desktop\flyfornations server\resource\7.worldserver_ultimate.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7.worldserver_ultimate.exe | "UDP Query User{44375B2A-6CA9-4503-BDDF-A7EAF6F3A0F7}C:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\dateien\spiele\ds lan\dslan_v1.3\apache\bin\apache.exe | "UDP Query User{48DC7294-4AFD-47E0-8B4B-1F37C6ADAB19}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{4970AFF6-B492-4679-A888-3306F966B2BA}C:\users\ricardo\desktop\v15\resource\databaseserverv15.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\resource\databaseserverv15.exe | "UDP Query User{4DA21551-BDF8-4CBD-9D64-3E663AAFAC87}C:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos.exe | "UDP Query User{4DC87C71-EB5E-4ABF-8C7E-C5403FD94483}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{4F0827AB-67D8-4A7B-8FCE-033493A5BC43}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\3.world.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\3.world.exe | "UDP Query User{4F46C732-742A-453C-AB49-38CC6147D2AE}C:\users\ricardo\desktop\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\xampp\mysql\bin\mysqld.exe | "UDP Query User{4F76E189-CA91-4B58-B522-FB770AEADE71}F:\longju\mc.exe" = protocol=17 | dir=in | app=f:\longju\mc.exe | "UDP Query User{5342E203-A4BC-4A20-88C7-54E365CF3D7C}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "UDP Query User{5789BE5D-129A-4D0A-8561-7F8DA647C34C}C:\users\ricardo\desktop\flyfornations server\program\6. cacheserver\6. cacheserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\6. cacheserver\6. cacheserver.exe | "UDP Query User{596C2FD5-65F2-4E68-916B-802055EF8B7D}C:\program files\serverfiles by peridor\portmap,hamachi\portmap (2).exe" = protocol=17 | dir=in | app=c:\program files\serverfiles by peridor\portmap,hamachi\portmap (2).exe | "UDP Query User{596F69BB-796E-45B4-A95F-8E61B7880FCA}C:\program files\thq\saints row 2\sr2_pc.exe" = protocol=17 | dir=in | app=c:\program files\thq\saints row 2\sr2_pc.exe | "UDP Query User{5A68AB8F-F29D-4394-A91C-ABB4887541B4}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{5B25EF93-755D-465B-8621-9141B06DEC45}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\3. coreserver\3. coreserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\3. coreserver\3. coreserver.exe | "UDP Query User{5C84484E-E232-4795-94CC-994D0A6FEFD3}C:\users\ricardo\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ricardo\program files\dna\btdna.exe | "UDP Query User{5CEE467E-04A9-4997-ACFD-A231B036DEB2}C:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_mapkey.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_mapkey.exe | "UDP Query User{5D7E31C6-D9ED-4F00-9A9E-F8710DBE0496}C:\program files\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=c:\program files\cossacks - back to war\dmcr.exe | "UDP Query User{5E53E5C4-7E84-463C-B11F-DA60F37A85FB}C:\users\ricardo\desktop\flyff\neuz.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff\neuz.exe | "UDP Query User{5E744C95-7F44-4A46-B1ED-80860865EBE3}C:\users\ricardo\desktop\flyfornations server\program\1. accountserver\1. accountserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\1. accountserver\1. accountserver.exe | "UDP Query User{624E41C8-185C-485E-9596-073753B4D174}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\1.accountserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\1.accountserver.exe | "UDP Query User{64B72D7E-75EC-459E-A2D2-2D95B361CC46}C:\users\ricardo\desktop\flyfornations server\program\4. certifier\4. certifier.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\4. certifier\4. certifier.exe | "UDP Query User{653699CD-B6C5-40FD-B7E8-12D984D64D1C}C:\users\ricardo\desktop\portmap.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\portmap.exe | "UDP Query User{66E77680-FC37-4151-9917-BDA20CB791DA}C:\program files\metin2_20091009\mc.exe" = protocol=17 | dir=in | app=c:\program files\metin2_20091009\mc.exe | "UDP Query User{67F2492A-071D-43D4-9E66-BE554F399173}C:\program files\darkdaymt2\mc.exe" = protocol=17 | dir=in | app=c:\program files\darkdaymt2\mc.exe | "UDP Query User{6A641E5C-8812-4682-A911-48077BF281C7}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe | "UDP Query User{6B0A20EE-5E28-4255-BBCE-329FE502806E}C:\program files\grid\grid\grid.exe" = protocol=17 | dir=in | app=c:\program files\grid\grid\grid.exe | "UDP Query User{6BC5A82F-F624-4204-84B4-83773AFD6634}C:\users\ricardo\desktop\flyfornations server\program\3. coreserver\3. coreserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\program\3. coreserver\3. coreserver.exe | "UDP Query User{6EA7D8F3-64FF-492C-8995-EB9E8A7A6516}C:\users\ricardo\desktop\server\portmap.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\server\portmap.exe | "UDP Query User{6F33495C-C86A-47A4-80CE-F260439B2957}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | "UDP Query User{6FA2666A-7249-4607-9350-72A7F50100C2}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe | "UDP Query User{71035670-9D8A-4298-A8B8-A128A31531AC}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\1. login server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\1. login server.exe | "UDP Query User{732BB243-E6E8-4925-9E9A-36D058E4B53A}C:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos with mapkey.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\resource\7.worldserver lv.200 by virtuos with mapkey.exe | "UDP Query User{740BF3F9-FDCF-4DDE-92A2-097BBBC1CB8B}C:\users\ricardo\desktop\antihack\packetfilter.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\antihack\packetfilter.exe | "UDP Query User{7CE06295-942E-4A4A-A913-5279E96888A0}C:\users\ricardo\desktop\grid\grid.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\grid\grid.exe | "UDP Query User{814EEA75-8602-4BE4-9A69-DA2CF7A2B846}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{8486153B-2C18-4043-B0D4-369DD190D6E5}C:\users\ricardo\desktop\v15\program\certifierv15.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\program\certifierv15.exe | "UDP Query User{8493980D-5DFA-4872-90BD-C2D3834D2543}C:\users\ricardo\desktop\flyfornations server\resource\2. databaseserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\2. databaseserver.exe | "UDP Query User{84AD5FEB-0802-44AD-ABAA-5FE82200D93E}C:\users\ricardo\desktop\longju\mc.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\longju\mc.exe | "UDP Query User{86C92BE1-26B5-48A5-9F48-4FB065F1F68A}C:\users\ricardo\downloads\programs\paketeditor by yannickmama v1.1.exe" = protocol=17 | dir=in | app=c:\users\ricardo\downloads\programs\paketeditor by yannickmama v1.1.exe | "UDP Query User{87A8EE11-612D-4129-8656-FFF5C1B893FE}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin | "UDP Query User{87BF91AF-B88A-431D-B262-78731AD78E19}C:\execution\portmap\portmap.exe" = protocol=17 | dir=in | app=c:\execution\portmap\portmap.exe | "UDP Query User{889C37CB-BC83-41C5-9A9B-392A2ECA567B}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\5.loginserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\5.loginserver.exe | "UDP Query User{899186B7-41BA-4281-A9F9-F9A761C8D7A5}C:\users\ricardo\desktop\antihack 5.3.2\packetfilter.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\antihack 5.3.2\packetfilter.exe | "UDP Query User{8B4EE206-89EC-4A59-9401-20A66DD587BE}C:\users\ricardo\desktop\v15\program\cacheserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\program\cacheserver.exe | "UDP Query User{8BB9385B-4083-48C2-8713-FBD1CF7C8440}C:\users\ricardo\desktop\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\xampp\apache\bin\httpd.exe | "UDP Query User{8CDA0F59-9D3A-4AC3-9212-2E804BC08D88}C:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\3. world server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\lightning55-core-v2\3. world server.exe | "UDP Query User{92B74051-629B-4927-9B22-4588DF9DDC57}C:\users\ricardo\desktop\server\3. world server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\server\3. world server.exe | "UDP Query User{93D74566-976C-478F-B765-DD9DDCCD6963}C:\users\ricardo\desktop\flyfornations server\antihack\tomsantihack.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\antihack\tomsantihack.exe | "UDP Query User{97DAF9D4-D5A1-4F90-9418-2263EA9789C7}C:\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe | "UDP Query User{99C57E3A-482C-428F-953D-9C7BC70CC24E}C:\program files\teamspeak 3 server\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\program files\teamspeak 3 server\ts3server_win32.exe | "UDP Query User{9A84CAE1-B2B0-4F7D-9485-C051503216EF}C:\program files\ubisoft\far cry 2\bin\fc2editor.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "UDP Query User{9C0E0267-D178-4D44-9694-C1FBBA79FABB}C:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\7.worldserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\7.worldserver.exe | "UDP Query User{9D299AEA-9C82-45A6-AD15-3C969A8A3BC6}C:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_nomapkey.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\resource\7. worldserver_nomapkey.exe | "UDP Query User{A2BBA41F-7C71-4074-8EF7-FF615CD41458}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{A3DBE636-5D1A-4F45-926F-7D5DC5583A1C}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\6.cacheserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\6.cacheserver.exe | "UDP Query User{A43957FC-983F-483B-8281-51CE918A71AE}C:\program files\metin 2 p-server\angelzmt2\mc.exe" = protocol=17 | dir=in | app=c:\program files\metin 2 p-server\angelzmt2\mc.exe | "UDP Query User{A6093053-4EF3-49BA-9932-3FDCAD0754F0}C:\users\ricardo\desktop\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\metin2_germany\metin2.bin | "UDP Query User{A6D822D3-6F9A-43B5-9F7E-60D7402D2856}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "UDP Query User{A8A5DEF9-B77C-417E-9144-48EC7B650A35}C:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\apache\bin\apache.exe | "UDP Query User{AC5CF654-24A7-423D-9FFD-1D309B9B5FC0}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\2. databaseserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\2. databaseserver.exe | "UDP Query User{ACAE1118-F868-4B6F-8969-287BC55E587A}C:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\2.databaseserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\resource\2.databaseserver.exe | "UDP Query User{AEAD2CA1-DB94-4B8C-B5F1-283B6EC39659}C:\program files\metin2_germany\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.bin | "UDP Query User{AF67692D-916F-426B-B1E7-68669E51BE50}C:\program files\grid\grid\grid.exe" = protocol=17 | dir=in | app=c:\program files\grid\grid\grid.exe | "UDP Query User{AFAA174D-4F43-4926-87A2-4FEDA366248F}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\3.coreserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\3.coreserver.exe | "UDP Query User{B1D91059-238C-4624-936F-39234CD06EE6}C:\users\ricardo\desktop\v15\program\coreserverv15.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\program\coreserverv15.exe | "UDP Query User{B2756754-2779-407A-A313-5607EA0663F6}C:\program files\valve\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\valve\counter-strike source\hl2.exe | "UDP Query User{B55D3EDF-D7F4-4BE9-8669-402FDA5F9B22}C:\programfilesaeriagames\wolfteam\wolfteam.bin" = protocol=17 | dir=in | app=c:\programfilesaeriagames\wolfteam\wolfteam.bin | "UDP Query User{BAEB5D09-7B78-4803-95C7-887711472965}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7.worldserver_ultimate.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\7.worldserver_ultimate.exe | "UDP Query User{BB43BF1F-BAD6-4C46-BA0C-418E120B5D62}C:\users\ricardo\desktop\cf perfect title deserve\hl.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\cf perfect title deserve\hl.exe | "UDP Query User{BEEB9D2B-8201-4563-A604-5F8401F98808}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\worldserver_levelcap_200.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\resource\worldserver_levelcap_200.exe | "UDP Query User{C1E8A3AD-B179-4DE0-8996-8836EB13BC89}C:\users\ricardo\desktop\v14 server packet\v14 server packet\program\4.certifier.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v14 server packet\v14 server packet\program\4.certifier.exe | "UDP Query User{C274DD4B-C921-4900-9E4E-377BF6505CD8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{C31EC1F4-64D0-4CB2-AD58-8506D19F204A}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\2. char server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\2. char server.exe | "UDP Query User{C419E324-3393-4C5C-B38F-ED27EF67852D}C:\program files\sierra\swat 4\content\system\swat4dedicatedserver.exe" = protocol=17 | dir=in | app=c:\program files\sierra\swat 4\content\system\swat4dedicatedserver.exe | "UDP Query User{C4EE7FA2-A2CB-4C67-A73C-B416580A28E9}C:\users\ricardo\desktop\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\xampp\filezillaftp\filezilla server.exe | "UDP Query User{CA9D6B2C-8A7B-4AD2-BCDA-83647953907A}C:\users\ricardo\appdata\local\temp\7zipsfx.002\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.002\cf_downloader.exe | "UDP Query User{CBBF1DBE-1525-42D9-BEE7-D54893BA0542}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{CC5CCBAE-DD10-4D83-9FA7-0E7732A9E926}C:\program files\darkdaymt2\metin2.exe" = protocol=17 | dir=in | app=c:\program files\darkdaymt2\metin2.exe | "UDP Query User{CEE428F8-52EE-4D62-B022-3F744E70CEDF}C:\users\ricardo\appdata\local\temp\7zipsfx.001\cf_downloader.exe" = protocol=17 | dir=in | app=c:\users\ricardo\appdata\local\temp\7zipsfx.001\cf_downloader.exe | "UDP Query User{D1B53C47-0B65-45BF-8973-BC30485A03A9}C:\users\ricardo\desktop\darkdaymt2\mc.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\darkdaymt2\mc.exe | "UDP Query User{D374323C-FDED-4145-B30E-A6B141ABA3D9}C:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\3. world server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\rev_1\3. world server.exe | "UDP Query User{D4DA89D3-D7FE-4F33-B1F7-8B9EF3BDAFA7}C:\users\ricardo\desktop\saints row 2\sr2_pc.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\saints row 2\sr2_pc.exe | "UDP Query User{D560C665-E504-4A7C-BD38-E30D0E9D9C6B}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{D585FAE5-4500-4D8A-AF81-EDC93F72949D}C:\users\ricardo\desktop\flyfornations server\antihack\packetfilter.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyfornations server\antihack\packetfilter.exe | "UDP Query User{D91415D7-6D43-408C-9662-DE97A5C61FE7}C:\program files\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\global agenda live\binaries\globalagenda.exe | "UDP Query User{DC16D4FF-9267-4900-B4D6-97255DAB4F0B}C:\pacsteamt\steamapps\pferdwurm23\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\pacsteamt\steamapps\pferdwurm23\team fortress 2\hl2.exe | "UDP Query User{DC5C4F9C-69D9-42ED-BE86-4118D71632F6}C:\program files\gamigo\levelr\levelr.bin" = protocol=17 | dir=in | app=c:\program files\gamigo\levelr\levelr.bin | "UDP Query User{DCE09AD2-F0B3-4BE0-B5B2-185AEF047BE6}C:\users\ricardo\desktop\v15\program\accountserverv15.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\v15\program\accountserverv15.exe | "UDP Query User{DDD50B94-3152-4987-B6E1-200C1A4DE397}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\6. cacheserver\6. cacheserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\6. cacheserver\6. cacheserver.exe | "UDP Query User{DE838301-6D5F-48A5-BCDF-A4FF296EDA3E}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\5. loginserver\5. loginserver.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\5. loginserver\5. loginserver.exe | "UDP Query User{DF116A7B-4B3E-41F2-A2A9-85B84AC1AE0D}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | "UDP Query User{E0B3D7D0-3041-42A7-BA93-F94C7185E122}C:\program files\warsow 0.5\warsow_x86.exe" = protocol=17 | dir=in | app=c:\program files\warsow 0.5\warsow_x86.exe | "UDP Query User{E170A70E-8BB8-4816-B554-FF8091FDAF37}C:\users\ricardo\desktop\server\1. login server.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\server\1. login server.exe | "UDP Query User{E2C8883D-2EA8-4667-AD75-1D17FBF304F7}C:\users\ricardo\desktop\packetfilter.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\packetfilter.exe | "UDP Query User{E3B703D7-B5AA-4393-AFC7-40C7655698F5}C:\users\ricardo\desktop\blackshotinstaller.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\blackshotinstaller.exe | "UDP Query User{E5AEACDB-50A5-4A06-B2A7-8AE3AD70C7E3}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{E83F08F3-70D9-4599-ADA8-8AF4940E4AF7}C:\program files\call of duty 2\cod2mp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty 2\cod2mp.exe | "UDP Query User{EE4CD21F-0CF4-472C-A7A6-9D79AB66886F}C:\users\ricardo\desktop\p server\portmap.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\p server\portmap.exe | "UDP Query User{F045952D-5291-4851-A552-37934E96099A}C:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\server\zerogearserver.exe | "UDP Query User{F0D9CD95-BC90-4966-81B2-5885293A4896}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\2ter channel\resource\7.worldserver_ultimate.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\2ter channel\resource\7.worldserver_ultimate.exe | "UDP Query User{F18120F4-BB5A-49B8-A2B8-C7A49C875207}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "UDP Query User{F36DE210-B815-490C-AD79-0D81A6CA9932}C:\users\ricardo\desktop\longju\newmt2.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\longju\newmt2.exe | "UDP Query User{F3D21656-8ED8-4A05-B6CF-F40680C7756F}C:\program files\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\program files\xampp\filezillaftp\filezilla server.exe | "UDP Query User{F40C6E39-F82F-446E-9D6A-3ED7EF475460}C:\users\ricardo\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ricardo\program files\dna\btdna.exe | "UDP Query User{F413A80A-4B84-442B-AFFA-7AA3E8AB1D5E}C:\users\ricardo\desktop\longju3\1_longju3.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\longju3\1_longju3.exe | "UDP Query User{F432DF25-D633-4A7C-980C-3FA2A98943BC}C:\users\ricardo\desktop\skype.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\skype.exe | "UDP Query User{F4384843-845C-4EDB-A5DE-C1C83B06E6AE}C:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\dslan_v1.3\dslan_v1.3\mysql\bin\mysqld.exe | "UDP Query User{F7EE62EE-4D5C-4265-B428-623361EA4985}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "UDP Query User{FBCB7DD7-DCBD-4D28-B441-816F12880115}C:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\2.char.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\flyff p server sachen\entpackte\release_server_files\release_files\bin_x86\2.char.exe | "UDP Query User{FBFE7B44-D2CE-4965-840F-8257E3B2F067}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "UDP Query User{FD85E162-D4DD-41F7-9137-2BA8DBAA9A3E}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{FE439B30-BB4E-4B27-976A-0B53F24C3A55}C:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\4. certifier\4. certifier.exe" = protocol=17 | dir=in | app=c:\users\ricardo\desktop\sedrika's v15 repack [16-08-10]\program\4. certifier\4. certifier.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0DD2DCC6-21AE-4678-8629-1084B17BE077}" = Microsoft SQL Server Compact 3.5 SP1-Abfragetools (Deutsch) "{143B33B7-458A-452A-8939-8B165B4B5067}" = Microsoft SQL Server 2008 Management Studio "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio "{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{48726EA0-4FF4-409B-97F3-C8FC46BE87E6}" = Microsoft SQL Server 2008 Setup Support Files "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{695E67B6-8B95-4160-9650-92974980CDC1}" = Microsoft SQL Server 2008-Richtlinien "{6B04AAD1-383C-41B6-A9EE-35236594671F}}_is1" = Nordschlacht Launcher 1.1 "{6E0E4D61-11EC-11E0-B454-0013D3D69929}" = Vegas Pro 10.0 "{6E9CFEF5-0245-411F-8587-CF83DF9D4B05}" = Microsoft SQL Server 2008 Database Engine Services "{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists "{837B34E3-7C30-493C-8F6A-2B0F04E2912C}" = Microsoft Visual C++ 2005 Redistributable "{86E0CAC0-6DF8-416D-A195-31FEAD651191}" = MorphVOX Pro "{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade "{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris "{ACCEB7C3-4F3A-4C43-93CA-644951D08B0D}" = TortoiseSVN 1.6.12.20536 (32 bit) "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EBB05CE8-52DF-4B7C-BDF4-ECC6BB0C3BB1}" = Taksi Desktop Video Recorder "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F686C148-CBAE-483D-92CE-B4D6913BDD77}" = LevelR "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch) "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "7-Zip" = 7-Zip 4.65 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "avast" = avast! Free Antivirus "Cross Fire_is1" = Cross Fire En "Eternia CrossFire" = Eternia CrossFire "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "Google Chrome" = Google Chrome "heroes in the sky" = heroes in the sky "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "Neffy" = Neffy 1,3,29,0 "NSIS" = Nullsoft Install System "PunkBusterSvc" = PunkBuster Services "Simple Port Forwarding" = Simple Port Forwarding "Steam App 240" = Counter-Strike: Source "Steam App 24860" = Battlefield 2 "Steam App 4000" = Garry's Mod "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "VMware_Workstation" = VMware Workstation "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Ricardo) "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Ricardo) "TeamSpeak 3 Client" = TeamSpeak 3 Client "UnityWebPlayer" = Unity Web Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 06.08.2010 21:13:13 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:13:13 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:13:14 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:13:14 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:14:32 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:14:32 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:29:16 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:29:16 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 06.08.2010 21:29:50 | Computer Name = Ricardo-PC | Source = WinMgmt | ID = 10 Description = Error - 06.08.2010 21:33:50 | Computer Name = Ricardo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = [ System Events ] Error - 07.06.2009 04:02:58 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 07.06.2009 09:30:35 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 08.06.2009 07:42:56 | Computer Name = Ricardo-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 07.06.2009 um 21:06:33 unerwartet heruntergefahren. Error - 08.06.2009 07:43:02 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 08.06.2009 13:38:24 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 09.06.2009 08:27:15 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 09.06.2009 14:57:17 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 10.06.2009 01:23:20 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 10.06.2009 08:18:35 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = Error - 11.06.2009 05:21:47 | Computer Name = Ricardo-PC | Source = HTTP | ID = 15016 Description = < End of report > |
15.04.2011, 12:37 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme Wo sind die Logs von Malwarebytes?
__________________ --> C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme |
Themen zu C:\ProgramData\iLeAAmvQHHaC.exe | Macht große Probleme |
anderen, antworten, avast, datei, desktop, fehler, fehlermeldungen, fenster, gefährliche, gelöst, gen, guten, hardware, hardware fehler, hintergrund, kleine, kleinen, problem, probleme, ram, schwarz, system, taskmanager, virus, vista, windows |