Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   firewall blockt explorer.exe (https://www.trojaner-board.de/86089-firewall-blockt-explorer-exe.html)

Human 14.05.2010 11:18
firewall blockt explorer.exe
 
Ich finde es ziemlich skurril, dass die Windows-Firewall die explorer.exe blockiert. Ich habe es zunächst einmal "weiterhin Blockieren" lassen, jedoch war ich verwundert, dass die Desktop-Icons noch immer da sind. Ich denke ich habe einen Virus und würde daher gerne wissen ob irgendwas Verdächtiges zu erkennen ist:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:41, on 14.05.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Human\Documents\Vista Anti-Lag\val.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Human\Downloads\HJT\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\sdra64.exe,C:\Users\Human\AppData\Roaming\sdra64.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Remote Connections Service (FlexService) - BitMicro Software Corporation - C:\Program Files\RapidBIT\cisvc.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe

--
End of file - 8397 bytes

cosinus 14.05.2010 14:06
Hallo und :hallo:

bitte nen Vollscan mit malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

Human 14.05.2010 21:03
Hallo,

Ich habe wie beschrieben einen Malware-Scan durchgeführt und habe 1 Logfile gekriegt, nach welcher ich einen Reboot machen musste, jedoch könnte ich darauf schwören, dass vor dem Reboot überall wo "no actions taken" steht, unterschiedliche sachen standen wie z.B. "quarantied and deleted".

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4101

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

14.05.2010 21:04:00
mbam-log-2010-05-14 (21-04-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 518830
Laufzeit: 2 Stunde(n), 22 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 5
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\config\systemprofile\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\config\systemprofile\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\users\human\appdata\roaming\sdra64.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\sdra64.exe,C:\Users\Human\AppData\Roaming\sdra64.exe,) Good: (Userinit.exe) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\pdfupd.exe (Spyware.Zbot) -> No action taken.
C:\Program Files\QIP\Users\*******\RcvdFiles\*******\Hammerfight\Hammerfight\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Program Files\QIP\Users\*******\RcvdFiles\*******\Hammerfight\Hammerfight\hf\NFOviewer.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Users\Human\Downloads\Hammerfight\Uninstall.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> No action taken.
C:\Users\Human\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> No action taken.
und hier Log aus OTL.Txt
Code:
OTL logfile created on: 14.05.2010 21:29:04 - Run 1
OTL by OldTimer - Version 3.2.4.1    Folder = C:\Users\Human\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451,11 Gb Total Space | 42,53 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive D: | 14,63 Gb Total Space | 9,34 Gb Free Space | 63,86% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: KYOTO-SHI
Current User Name: Human
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Human\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\RapidBIT\cidaemon.exe (BitMicro Software Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wisptis.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Human\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Program Files\Logitech\SetPoint\GameHook.dll (Logitech, Inc.)
MOD - C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NMIndexingService) --  File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DAUpdaterSvc) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (FlexService) -- C:\Program Files\RapidBIT\cisvc.exe (BitMicro Software Corporation)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (camfilt2) -- C:\Windows\System32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WacomVKHid) -- C:\Windows\System32\drivers\WacomVKHid.sys (Wacom Technology)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (RTCore32) -- C:\Users\Human\Downloads\rmclock_235_bin\RTCore32.sys ()
DRV - (rt2500usb) DWL-G122(rev.B) -- C:\Windows\System32\drivers\rt2500usb.sys (Ralink Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "LEO de<->en"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..keyword.URL: "hxxp://search.qip.ru/search?from=FF&query="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.04 11:12:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.04 11:12:03 | 000,000,000 | ---D | M]
 
[2008.07.19 15:31:45 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Extensions
[2010.05.14 11:29:59 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions
[2010.02.11 14:31:59 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010.04.30 16:17:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.08.11 11:36:57 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\battlefieldheroespatcher@ea.com
[2009.02.24 13:37:20 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\FFClickOnce@softwarepunk.com
[2010.03.10 22:26:21 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\firefox@tvunetworks.com
[2010.03.12 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Human\AppData\Roaming\mozilla\Firefox\Profiles\s5soghby.default\extensions\youtube2mp3@mondayx.de
[2010.05.07 22:33:23 | 000,002,008 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\leo-de-en.xml
[2010.05.07 22:33:22 | 000,002,298 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\leo-fr-de.xml
[2008.07.18 09:59:10 | 000,001,935 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\megadownload.xml
[2009.01.26 15:19:23 | 000,001,330 | ---- | M] () -- C:\Users\Human\AppData\Roaming\Mozilla\FireFox\Profiles\s5soghby.default\searchplugins\wikipedia-en.xml
[2010.05.14 11:29:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.02.22 14:42:10 | 000,390,512 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npoctoshape.dll
[2010.03.14 18:58:56 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 18:58:56 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.14 18:58:57 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.14 18:58:57 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.14 18:58:57 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Human\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Human\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Human\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9215c21b-c03d-11dc-865d-001195e64caf}\Shell - "" = AutoRun
O33 - MountPoints2\{9215c21b-c03d-11dc-865d-001195e64caf}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{dbc3e181-70cc-11de-a42c-001195e64caf}\Shell - "" = AutoRun
O33 - MountPoints2\{dbc3e181-70cc-11de-a42c-001195e64caf}\Shell\AutoRun\command - "" = E:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.14 18:39:03 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\Malwarebytes
[2010.05.14 18:38:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.14 18:38:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.14 18:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.14 18:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.14 18:34:17 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Human\Desktop\OTL.exe
[2010.05.14 11:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Human\AppData\Roaming\lowsec
[2010.05.12 18:50:34 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\LolClient
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Users\Human\Documents\StarCraft II Beta
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Local\Blizzard Entertainment
[2010.05.09 16:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.05.09 16:06:32 | 000,000,000 | ---D | C] -- C:\Users\Human\Desktop\versions
[2010.05.09 13:56:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2010.05.08 13:29:24 | 000,000,000 | ---D | C] -- C:\Users\Human\Documents\GTA San Andreas User Files
[2010.05.07 22:52:38 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.05.07 14:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft 2
[2010.05.04 19:51:21 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\TS3Client
[2010.05.04 19:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.05.03 20:52:04 | 000,000,000 | ---D | C] -- C:\hsperfdata_KYOTO-SHI$
[2010.05.02 09:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\RapidBIT
[2010.04.24 12:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Gamehouse
[2010.04.24 11:34:11 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\Octoshape
[2010.04.23 20:59:22 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\PopCapv1002
[2010.04.23 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Human\AppData\Roaming\PopCapv1005eni
[2010.04.23 14:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Popcap Game Collection
[2009.09.20 20:57:34 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2009.09.20 20:57:31 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.14 21:30:04 | 004,718,592 | -HS- | M] () -- C:\Users\Human\ntuser.dat
[2010.05.14 21:20:04 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.05.14 21:20:04 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.14 21:12:04 | 000,003,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 21:12:04 | 000,003,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 21:12:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.14 21:12:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.14 21:11:58 | 3219,308,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.14 21:11:08 | 000,524,288 | -HS- | M] () -- C:\Users\Human\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.14 21:11:08 | 000,065,536 | -HS- | M] () -- C:\Users\Human\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.14 21:10:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.14 21:10:33 | 006,291,456 | -H-- | M] () -- C:\Users\Human\AppData\Local\IconCache.db
[2010.05.14 18:38:53 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.14 18:34:22 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Human\Desktop\OTL.exe
[2010.05.13 22:39:07 | 000,042,988 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100513_203837174.html
[2010.05.13 22:15:04 | 000,628,517 | ---- | M] () -- C:\Users\Human\Desktop\DSC01337.JPG
[2010.05.13 01:44:09 | 004,718,592 | -HS- | M] () -- C:\Users\Human\ntuser.dat_previous
[2010.05.13 01:20:23 | 000,524,288 | ---- | M] () -- C:\TMP0000006A0149CEE44DEE1C88
[2010.05.11 22:54:26 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100511_205422923.html
[2010.05.11 19:14:22 | 000,459,851 | ---- | M] () -- C:\Users\Human\Desktop\DSC00412.JPG
[2010.05.10 23:02:06 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100510_210205375.html
[2010.05.10 22:14:21 | 000,030,909 | ---- | M] () -- C:\Users\Human\Documents\AIDS.odt
[2010.05.09 22:36:10 | 000,042,756 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100509_203608294.html
[2010.05.09 16:19:16 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2010.05.09 00:25:51 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_222550507.html
[2010.05.08 23:14:11 | 000,056,272 | ---- | M] () -- C:\Users\Human\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.08 23:13:37 | 001,597,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.08 17:17:16 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_151715531.html
[2010.05.08 13:34:45 | 000,001,079 | ---- | M] () -- C:\Users\Human\Desktop\samp.lnk
[2010.05.08 13:29:15 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.05.07 23:25:08 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_212507117.html
[2010.05.07 22:52:38 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010.05.07 16:14:29 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_141427563.html
[2010.05.06 23:08:46 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_210842870.html
[2010.05.06 16:18:10 | 000,042,756 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_141809248.html
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.05 22:50:54 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100505_205052745.html
[2010.05.04 22:29:49 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100504_202929351.html
[2010.05.04 19:51:12 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.04 18:36:33 | 000,001,821 | ---- | M] () -- C:\Users\Human\Desktop\motherload.lnk
[2010.05.03 22:58:35 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_205834103.html
[2010.05.03 14:42:58 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_124256498.html
[2010.05.02 22:08:11 | 000,042,632 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100502_200803571.html
[2010.05.02 09:39:52 | 000,002,180 | ---- | M] () -- C:\Users\Human\Desktop\Bookworm Adventures Deluxe.lnk
[2010.05.02 00:05:34 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_220533281.html
[2010.05.01 18:59:33 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_165932129.html
[2010.05.01 11:15:09 | 000,042,624 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_091508459.html
[2010.04.30 23:05:09 | 000,042,748 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_210508516.html
[2010.04.30 18:28:10 | 000,042,930 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_162810041.html
[2010.04.29 22:32:23 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_203221249.html
[2010.04.29 17:18:01 | 000,042,988 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_151757671.html
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.28 22:04:55 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100428_200451616.html
[2010.04.27 22:01:40 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100427_200137259.html
[2010.04.27 17:09:22 | 000,387,385 | ---- | M] () -- C:\Users\Human\Desktop\DSC00396.JPG
[2010.04.26 22:14:11 | 000,042,952 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100426_201359730.html
[2010.04.25 22:45:11 | 000,042,924 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100425_204509599.html
[2010.04.25 01:36:34 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_233632753.html
[2010.04.24 14:17:19 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_121718341.html
[2010.04.24 12:43:53 | 000,000,122 | ---- | M] () -- C:\Windows\popcinfo.dat
[2010.04.23 22:39:38 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_203936423.html
[2010.04.23 15:11:19 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_131118306.html
[2010.04.23 15:00:52 | 000,000,649 | ---- | M] () -- C:\Users\Human\Desktop\Popcap Game Collection.lnk
[2010.04.23 15:00:27 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\Heavy Weapon Deluxe.lnk
[2010.04.22 23:24:14 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100422_212413261.html
[2010.04.21 23:00:09 | 000,042,980 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_205955687.html
[2010.04.21 15:11:29 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_131129040.html
[2010.04.20 22:37:33 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100420_203731183.html
[2010.04.19 23:33:27 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_213324366.html
[2010.04.19 15:28:08 | 000,042,872 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_132807389.html
[2010.04.18 22:59:52 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_205949971.html
[2010.04.18 15:55:44 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_135543656.html
[2010.04.18 15:36:20 | 000,042,996 | ---- | M] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_133616024.html
[2010.04.16 14:44:51 | 000,001,265 | ---- | M] () -- C:\Users\Human\Desktop\Pokesav_HGSS-ENG-Ver.0.03a_PP.org - Verknüpfung.lnk
[2010.04.15 18:52:34 | 000,524,288 | ---- | M] () -- C:\Users\Human\Desktop\Pokemon_HeartGold.sav
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.14 18:38:53 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.13 22:38:33 | 000,042,988 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100513_203837174.html
[2010.05.13 22:15:03 | 000,628,517 | ---- | C] () -- C:\Users\Human\Desktop\DSC01337.JPG
[2010.05.13 01:20:23 | 000,524,288 | ---- | C] () -- C:\TMP0000006A0149CEE44DEE1C88
[2010.05.11 22:54:21 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100511_205422923.html
[2010.05.11 21:23:32 | 000,459,851 | ---- | C] () -- C:\Users\Human\Desktop\DSC00412.JPG
[2010.05.10 23:02:03 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100510_210205375.html
[2010.05.10 20:06:43 | 000,030,909 | ---- | C] () -- C:\Users\Human\Documents\AIDS.odt
[2010.05.09 22:36:06 | 000,042,756 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100509_203608294.html
[2010.05.09 16:13:31 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2010.05.09 00:25:48 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_222550507.html
[2010.05.08 17:17:14 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100508_151715531.html
[2010.05.08 13:34:45 | 000,001,079 | ---- | C] () -- C:\Users\Human\Desktop\samp.lnk
[2010.05.07 23:25:04 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_212507117.html
[2010.05.07 22:52:38 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010.05.07 16:14:26 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100507_141427563.html
[2010.05.06 23:08:40 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_210842870.html
[2010.05.06 16:18:07 | 000,042,756 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100506_141809248.html
[2010.05.05 22:50:50 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100505_205052745.html
[2010.05.04 22:29:25 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100504_202929351.html
[2010.05.04 19:51:12 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.04 18:36:28 | 000,001,821 | ---- | C] () -- C:\Users\Human\Desktop\motherload.lnk
[2010.05.03 22:58:31 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_205834103.html
[2010.05.03 14:42:54 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100503_124256498.html
[2010.05.02 22:08:00 | 000,042,632 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100502_200803571.html
[2010.05.02 09:38:11 | 000,002,180 | ---- | C] () -- C:\Users\Human\Desktop\Bookworm Adventures Deluxe.lnk
[2010.05.02 00:05:30 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_220533281.html
[2010.05.01 18:59:30 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_165932129.html
[2010.05.01 11:15:05 | 000,042,624 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100501_091508459.html
[2010.04.30 23:05:07 | 000,042,748 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_210508516.html
[2010.04.30 18:28:07 | 000,042,930 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100430_162810041.html
[2010.04.29 22:32:20 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_203221249.html
[2010.04.29 17:17:55 | 000,042,988 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100429_151757671.html
[2010.04.28 22:04:48 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100428_200451616.html
[2010.04.27 22:01:34 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100427_200137259.html
[2010.04.27 19:10:08 | 000,387,385 | ---- | C] () -- C:\Users\Human\Desktop\DSC00396.JPG
[2010.04.26 22:13:57 | 000,042,952 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100426_201359730.html
[2010.04.25 22:45:06 | 000,042,924 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100425_204509599.html
[2010.04.25 01:36:29 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_233632753.html
[2010.04.24 14:17:15 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100424_121718341.html
[2010.04.23 22:39:35 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_203936423.html
[2010.04.23 15:11:16 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100423_131118306.html
[2010.04.23 15:00:52 | 000,000,649 | ---- | C] () -- C:\Users\Human\Desktop\Popcap Game Collection.lnk
[2010.04.22 23:24:10 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100422_212413261.html
[2010.04.22 22:35:09 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\Heavy Weapon Deluxe.lnk
[2010.04.21 22:59:51 | 000,042,980 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_205955687.html
[2010.04.21 15:11:26 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100421_131129040.html
[2010.04.20 22:37:28 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100420_203731183.html
[2010.04.19 23:33:21 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_213324366.html
[2010.04.19 15:28:04 | 000,042,872 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100419_132807389.html
[2010.04.18 22:59:46 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_205949971.html
[2010.04.18 15:55:41 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_135543656.html
[2010.04.18 15:36:13 | 000,042,996 | ---- | C] () -- C:\Microsoft .NET Framework 3.5-KB963707_20100418_133616024.html
[2010.04.16 14:44:51 | 000,001,265 | ---- | C] () -- C:\Users\Human\Desktop\Pokesav_HGSS-ENG-Ver.0.03a_PP.org - Verknüpfung.lnk
[2010.04.16 13:19:21 | 000,524,288 | ---- | C] () -- C:\Users\Human\Desktop\Pokemon_HeartGold.sav
[2010.02.19 17:59:08 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini
[2010.02.19 17:56:43 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2009.12.05 01:09:35 | 000,000,506 | ---- | C] () -- C:\Windows\System32\config.ini
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.20 20:57:31 | 000,015,478 | ---- | C] () -- C:\Windows\snpstd3.ini
[2009.08.22 17:12:40 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.04.29 18:58:22 | 000,000,027 | ---- | C] () -- C:\Windows\ic.ini
[2009.04.09 00:53:56 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2009.02.16 01:04:24 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2008.11.21 00:02:04 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008.11.15 18:52:39 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2008.10.28 14:55:24 | 000,000,307 | ---- | C] () -- C:\Windows\game.ini
[2008.08.26 15:29:55 | 000,000,255 | ---- | C] () -- C:\Windows\kaillera.ini
[2008.06.21 12:42:11 | 000,139,152 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.06.06 22:43:05 | 000,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.05.23 00:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.05.23 00:19:46 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.05.23 00:19:46 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008.05.23 00:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007.12.22 19:20:40 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007.11.06 22:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:45690DD4
< End of report >

Human 14.05.2010 21:04
und aus Extras.Txt
Code:
OTL Extras logfile created on: 14.05.2010 21:29:04 - Run 1
OTL by OldTimer - Version 3.2.4.1    Folder = C:\Users\Human\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451,11 Gb Total Space | 42,53 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive D: | 14,63 Gb Total Space | 9,34 Gb Free Space | 63,86% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: KYOTO-SHI
Current User Name: Human
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe" = C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner -- File not found
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009079B7-BACB-4861-8504-EB6F1BD93217}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher |
"{02FB27B0-2EBF-4185-8F88-D38FB6D76761}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher |
"{087AB973-D5FA-4260-B2C4-3BC10C845929}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{08B897B9-DBE0-4844-A4E2-1E71ED2056E5}" = lport=6984 | protocol=6 | dir=in | name=league of legends launcher |
"{0CB69BD5-ABC2-4940-B544-E44FA8654F55}" = lport=8383 | protocol=17 | dir=in | name=league of legends launcher |
"{0D1218E5-5CD2-4CB4-862A-33D34B9EA888}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0FA1F9C2-298B-42FB-A303-A1635028581F}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher |
"{11B47E74-27E2-43B4-A92C-3AF8CACDF161}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{14D18327-72A1-4A03-BB21-1B033516EAA2}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher |
"{179E347E-F916-4F0C-A152-9C53855A9C77}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher |
"{17CCE68B-26AB-466D-A21A-3C72BCCB68A0}" = lport=6916 | protocol=17 | dir=in | name=league of legends launcher |
"{18667CCA-612B-49A3-91E2-937047DB4774}" = lport=56098 | protocol=6 | dir=in | name=league of legends launcher |
"{1A32A9AC-8009-4E06-A1E2-4F1FE55BFEEB}" = lport=6962 | protocol=17 | dir=in | name=league of legends launcher |
"{1A66DDB8-898B-4728-B069-E080CE31BB4D}" = lport=6971 | protocol=17 | dir=in | name=league of legends launcher |
"{1CF91608-DF29-45E7-AC26-665215C7C56C}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher |
"{1E6092ED-D4B1-4BB3-AD66-3D5CEAF8BECA}" = lport=8384 | protocol=17 | dir=in | name=league of legends launcher |
"{1EC84243-D247-436A-8E80-6D5DA747B333}" = lport=6964 | protocol=17 | dir=in | name=league of legends launcher |
"{20E247EF-CBDB-4946-AED0-9122FA492DB3}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher |
"{2AC3AB01-61B9-4599-AF83-1E742767CE3A}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher |
"{2D87B0D4-A8A8-492A-B8F2-1B0C89915E49}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher |
"{30B22500-7A39-4A32-99D8-9982BC90BCBF}" = lport=6897 | protocol=17 | dir=in | name=league of legends launcher |
"{321F113A-3233-4313-9AB4-1ED6C964A97E}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher |
"{3458D349-AB37-466D-85E7-AE68E8A2098F}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{39CF4BAE-58B9-43A0-97C3-95F3383AD3CD}" = lport=8380 | protocol=17 | dir=in | name=league of legends launcher |
"{3A71E220-D3D0-4E10-AC12-CBDB13F950E6}" = lport=6940 | protocol=6 | dir=in | name=league of legends launcher |
"{3A736192-336C-4A96-A15E-56C2BBDB0C7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3B6E064D-EE37-4712-B3B5-72AB73B07894}" = lport=6964 | protocol=6 | dir=in | name=league of legends launcher |
"{3CD230A8-D815-410D-93BF-BB0B7196011E}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{468A5001-5A13-417D-BDF5-66483719F30C}" = lport=6913 | protocol=6 | dir=in | name=league of legends launcher |
"{4C820782-DF4F-4DD0-B067-F4BBC5F12810}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{4E3B33A7-8BFF-4413-8A1F-F98612BDF3BC}" = lport=52989 | protocol=6 | dir=in | name=league of legends launcher |
"{5023E3A1-A1F5-4FC4-AAE5-B405C6C8CF41}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{5240443C-E0D5-4760-BE46-CC345C07FDB2}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher |
"{56F67902-AEA1-4B69-9F5F-225EB92B8427}" = lport=6885 | protocol=6 | dir=in | name=league of legends launcher |
"{57FF8380-4600-4247-9C11-A38B368F6643}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{5899107E-E03C-407E-AC5E-7502AF020233}" = lport=6962 | protocol=6 | dir=in | name=league of legends launcher |
"{58F49803-0CAE-42FA-91A1-E1868587127B}" = lport=8382 | protocol=17 | dir=in | name=league of legends launcher |
"{5D471DEB-271A-4ED0-93DF-AD3B3B51F704}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher |
"{5F717342-6254-4527-B87D-E1AC31E388D7}" = lport=6913 | protocol=17 | dir=in | name=league of legends launcher |
"{5FCBA4F0-2D16-4EA2-A2A5-BD981E77D829}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{62184EBE-E944-4AA7-8438-129E73D9130C}" = lport=8399 | protocol=6 | dir=in | name=league of legends launcher |
"{63EA6BFA-4920-4C47-9EE4-CC953F121C6B}" = lport=53365 | protocol=17 | dir=in | name=league of legends launcher |
"{65226E0F-02D9-4D0D-921C-F99D7A44F4D3}" = lport=6940 | protocol=17 | dir=in | name=league of legends launcher |
"{6657C147-694E-43CF-95F2-C2842A422D41}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher |
"{6999CCB3-395D-46DD-A332-26F7392AED8B}" = lport=8384 | protocol=6 | dir=in | name=league of legends launcher |
"{6B2B12E3-D3FF-45E5-80DC-6FB1D8852F07}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{6F37E164-1720-45D8-80D0-6F3C5367904E}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{7159D3C4-AE01-4FA0-8C41-3935EBB2C795}" = lport=6897 | protocol=6 | dir=in | name=league of legends launcher |
"{79F09D13-02BF-4E74-AD01-61E1971B5D59}" = lport=6934 | protocol=6 | dir=in | name=league of legends launcher |
"{7CCF8E45-9EF7-410B-A308-F052289DC926}" = lport=8380 | protocol=6 | dir=in | name=league of legends launcher |
"{849FE548-3660-4A9B-A662-C733BBD364BD}" = lport=6987 | protocol=6 | dir=in | name=league of legends launcher |
"{87EA7331-EE5C-414E-B254-A19AF2E830BE}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{87FFC4FD-74D0-4025-AFC6-889ECB7F03EC}" = lport=6916 | protocol=6 | dir=in | name=league of legends launcher |
"{8B9CBA55-93D5-458A-B1F6-F8FBEECADC06}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{90CBC505-553F-449C-A087-7DFEF890AEB8}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher |
"{A2018B35-A41B-4D32-AC72-0C553E48D1B5}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{A31F617D-E50A-4731-9E05-7F49ADA35C6F}" = lport=52989 | protocol=17 | dir=in | name=league of legends launcher |
"{B045700E-CF98-46FF-B74F-5896704AE25B}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher |
"{B088AEDB-105C-4774-BF7A-8C2AA351382C}" = lport=6934 | protocol=17 | dir=in | name=league of legends launcher |
"{B8B0F91E-1404-40E0-8E05-DCA77633626B}" = lport=6994 | protocol=6 | dir=in | name=league of legends launcher |
"{B9CFB9DE-A13C-44DA-A226-56B880A0188D}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher |
"{C5D6ED9B-3DEE-42CD-97D0-32847F933323}" = lport=6984 | protocol=17 | dir=in | name=league of legends launcher |
"{C8222B57-7733-4B8C-BD87-0B503A95477C}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher |
"{C9CD4D71-D53F-4D1A-A69C-D73309D2DF2E}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{CA715B28-A644-4417-B48D-1BBB579DFFA8}" = lport=8382 | protocol=6 | dir=in | name=league of legends launcher |
"{CB7EE1D9-3AB8-4468-8696-9276949E5A63}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{CBC4F99E-3470-4627-9784-D4B02A9CDED9}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher |
"{D2FC6E9E-E435-4B63-BCF1-5CB585E44E03}" = lport=8384 | protocol=17 | dir=in | name=league of legends launcher |
"{D378B949-34CE-4BC3-8B03-75874CEF5E62}" = lport=56098 | protocol=17 | dir=in | name=league of legends launcher |
"{D3F13528-94F3-45A9-A07F-090113758281}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{D83C53C1-4F41-4BDD-9BCA-AC8881050811}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{D8713DCC-97CA-4046-9450-51139FAF38D3}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{DCAF0406-3191-499E-8779-C0DD338888D2}" = lport=53365 | protocol=6 | dir=in | name=league of legends launcher |
"{DD8F3072-14CA-43F0-AAD3-7EB219FD492E}" = lport=6971 | protocol=6 | dir=in | name=league of legends launcher |
"{DFC7C45C-DF8A-474B-B0FC-1A2B24160D8F}" = lport=8399 | protocol=17 | dir=in | name=league of legends launcher |
"{E1B43BBD-D977-481D-A979-76F18BEFB2D7}" = lport=8384 | protocol=6 | dir=in | name=league of legends launcher |
"{E3A3CF55-3C6D-4CCC-9BAD-1C2E0472FA19}" = lport=6987 | protocol=17 | dir=in | name=league of legends launcher |
"{E6911386-FB55-4ECC-8928-2E4A3D5C5070}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher |
"{EA123DEA-C715-4F13-B0DA-64D4585FF960}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{EA767FDF-5A66-4D61-91AA-84820E448307}" = lport=6994 | protocol=17 | dir=in | name=league of legends launcher |
"{EDDD178B-DDBF-4675-A01E-FEDF9C1FB5AB}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{F07D5CD1-5454-4B94-9E9D-C05CCDA09AF6}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher |
"{F5AB5C66-DAA5-4378-AF39-21447BEA7AA0}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{F6A4FBD4-3FEA-4A13-8816-32BA2C5A8E4F}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{F8EF9242-26BC-41FB-9040-F73BB9832160}" = lport=6885 | protocol=17 | dir=in | name=league of legends launcher |
"{FD25B038-14B4-4F0A-B9BE-644C12AC0E6F}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher |
"{FF0DEBB9-1668-4565-8090-34F6362ED577}" = lport=8383 | protocol=6 | dir=in | name=league of legends launcher |
"{FF834120-260D-4C29-999B-B77B6EB85C98}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00739A22-6127-4F23-B13C-79BCC4C21A00}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia\princeofpersia_launcher.exe |
"{01A2D8DB-A47B-47EF-BC70-1063061E541A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{048E002F-BB3B-4010-AAC6-8379E7F82013}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{04E3DB5B-2926-48BF-9469-2FE1D4F38F0A}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{0BBA002D-9484-481D-9DE2-A461F2846CAC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\sf4launcher.exe |
"{0E09CA96-415E-497C-87B2-03C9263C54B7}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{0E39466C-F7D2-48E5-82FE-F0DA4BE725CB}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{14B6C998-FC39-421D-B0CD-073FC5CF23F1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia\prince of persia.exe |
"{17E2FDF7-F7AE-44F0-AB07-491D77298410}" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe |
"{1A6661D8-4AB1-420F-9AA6-63A93F64A9CE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia\prince of persia.exe |
"{26000304-29F9-401B-9993-3051774785B1}" = protocol=58 | dir=in | app=system |
"{26F1AF52-FFD1-4293-ADEB-B127E2E0B151}" = protocol=6 | dir=in | app=c:\program files\league of legends\lol.launcher.exe |
"{29693309-F93E-4F05-9E69-995F103B8B3A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2C00013E-A7E5-46B5-A537-0D89A5A52483}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"{2F1D7CF2-B5D3-4B53-A3F6-453D1DF1D787}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{303626C1-92AF-4BFF-B45A-181CDE0334EB}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{341C9C85-06B2-47D7-A047-1503DEF0E1C0}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{35260E16-E4DC-4B3B-852B-9805264F71D7}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{36C288EF-57EB-4CAB-9A7B-CF7650E079D8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3E088944-1AFC-4EA4-8496-A63829A64CF4}" = protocol=6 | dir=in | app=c:\program files\ut2004\system\ut2004.exe |
"{42E67D4C-A7D6-4AB1-8182-070BD00C5313}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{4515E276-7012-4443-8918-DB1C302CCE85}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe |
"{465EEE13-633E-4E6E-8768-DE0470997986}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{4866B354-A950-4669-A51A-87AC901A5AA3}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{49CEBBCB-B88D-4FFB-AD99-5FC0AF15203A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{4A2BD444-32BF-4019-B46D-27A252C6307C}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{4EBD9075-730E-4FCA-B3FF-D973A83C8EDB}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{557E5858-CD2C-4FD3-BE1E-24BFB2286AF8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{5C1E2FF8-E3C7-4E0C-933D-10E152C6858E}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe |
"{6038C589-3BA4-4251-8FA4-484D22D6B3D2}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{62BB2CA3-9480-446F-AF65-DF3C022F05F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{63811A3D-705D-4D72-940D-9370951D1150}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{6C780331-5095-455B-95DB-6E638E0EA7EC}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{6F9CF48C-6AF7-423A-A482-A60013DB426E}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{774FDDD8-16F7-4E86-B66D-73C319C62D82}" = dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.0\cnc3ep1.dat |
"{79C3AF93-6B91-4A85-AD1D-F02FBE541AC6}" = protocol=17 | dir=in | app=c:\program files\ut2004\system\ut2004.exe |
"{7B071A21-4A02-4844-9B9F-84A292372E2F}" = protocol=17 | dir=in | app=c:\program files\league of legends\lol.launcher.exe |
"{81E78ECC-253E-431D-AD67-A8DA96521082}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{84280E2F-872B-44A1-BE12-830B9A1DFE86}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{8C6476B5-82D9-4B4F-9BB7-4002107C34D0}" = protocol=1 | dir=in | name=lan-explorer - echoantwort (icmpv4 eingehend) |
"{8D6B6785-CB95-4F38-9145-3962F5C20EB5}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{90CCD1C7-065E-4724-A4FF-9B73D566854F}" = dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{936D3444-EB4C-4058-845E-3922F2047891}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia\princeofpersia_launcher.exe |
"{95E58769-8C38-4E4F-B7CF-0BACC121D53B}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{97B50053-96D2-4B3E-8285-30F0B8B1D73B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\sf4launcher.exe |
"{9BD5AD38-EC44-47F7-A08E-88E452C561EB}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe |
"{9DCB115D-5556-48D1-8BC5-7DD519D6D499}" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe |
"{9ED7B5FD-8F72-49AB-9E6E-73B53FB694EE}" = protocol=6 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe |
"{A21B2409-4DCC-478B-9A6D-A3DFD43786AD}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{A3978F9A-AE7D-47BB-B7DB-F77198E8B30D}" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe |
"{A7A2A656-17BD-44A7-A5B5-EEDC3F4F2618}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{A80D3946-423B-4C06-A218-B26171448B0D}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe |
"{AB83A238-AF56-4146-B639-5854A8D55F63}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{ABB4520D-D4FE-4360-A551-385D23A9AD2F}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{AFB96EE7-CE43-4DCD-BE09-F94C895751F0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B1A76DB1-F115-4C4E-ABE0-E85143BCB1DF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{B6F29B07-805F-410C-B413-8C7B6B3EA004}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{BCDB4460-82AA-45D4-B307-82B586830D72}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{C05E81CE-2BC1-430D-BAFD-DEAA8A195003}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe |
"{C2B231A5-B528-4B4E-91F4-E6047E9B3907}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{C41511AC-7221-460B-81BB-3CDD91B70E26}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"{CA457EEB-1389-446C-9BBF-E895C74CAE1C}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"{CAF6A0A6-599E-45F4-BF0F-8A30DE86B81E}" = protocol=17 | dir=in | app=c:\games\dragon age\daoriginslauncher.exe |
"{D58A668E-B436-402D-8AD6-612A71C5AB19}" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe |
"{DB41E284-D749-42FE-B0D7-EA81C5BB61FF}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{E1CAAE4A-2AD9-443B-B743-B0D3B60196B0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E2B0CD01-BCE8-4496-8685-E109A9D356F3}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{EE11784A-2A85-4125-9780-EBABE80AE556}" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\PES09\pes2009.exe |
"{EF6B8241-7C73-4BFF-A0F4-EF557A4C800D}" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{EFB11DC5-A42C-4A14-9FC4-28A6556BDB8C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F16F4176-D869-4F04-9C76-D4DE8BC3FBB1}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{F9476E03-FEB7-4BEF-8AB9-813ED26F8406}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FCC49DCD-E57F-4FD6-AE9A-04648ACEED31}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{FF0C5695-9F19-405F-A521-C25F9D003DF7}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"{FF445000-AB9E-491F-9976-C08D3ACED491}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{01AD94B5-93DA-4F3F-B89D-4E5C294552C3}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe |
"TCP Query User{03EA6766-60F8-47FF-89C2-A8503BBC23D7}C:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe" = protocol=6 | dir=in | app=c:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe |
"TCP Query User{04E1D089-D9C9-4C51-AC94-03D41B9A7C83}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe |
"TCP Query User{06919E79-D0B7-4D05-9E69-1AF48039EBFF}C:\program files\littlefighter2\lf2_v1.9c\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v1.9c\lf2.exe |
"TCP Query User{075FB58C-C838-447D-966C-4D0642BC5B0F}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{08386CC6-19E8-4282-8C8C-C4B9EE06A223}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{1272C3A1-B629-46E6-A246-623BCB28F465}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe |
"TCP Query User{19416DE6-BA1E-4922-B522-FBB7F3C79196}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe |
"TCP Query User{1D69EF5D-F33B-4739-BFAB-F0E94CB9C9C7}C:\program files\cs\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs\hl.exe |
"TCP Query User{1FBD11C1-FB83-4602-AB04-60BC96EB0957}C:\users\human\documents\downloads\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\left 4 dead\left4dead.exe |
"TCP Query User{21CA1DA2-6615-4F62-A9D3-2AF13FE25680}C:\users\human\downloads\starcraft\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\starcraft\starcraft\starcraft.exe |
"TCP Query User{22258979-23DC-442A-8433-089D7D9A5202}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe |
"TCP Query User{2443296B-E9D7-45EF-9711-E491D5043C34}C:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe |
"TCP Query User{25B9B921-C89E-4978-A22F-82B36D3C7EEA}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{28F864FB-B973-4CEC-A9CF-A59432301A67}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"TCP Query User{2CF65296-0BC0-4270-92C8-EDD25BEFF0E2}C:\users\human\documents\cs\hl.exe" = protocol=6 | dir=in | app=c:\users\human\documents\cs\hl.exe |
"TCP Query User{2D41823E-6BB7-409C-883C-378742E50750}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{2E8B8419-F0E8-4F3A-8D75-0BE73FBF9F40}C:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{2EB00FF9-67AA-4601-B381-56DC3B7406E1}C:\program files\ggpo\ggpofba.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpofba.exe |
"TCP Query User{30476879-0CFB-4195-89EC-497151C04E1C}C:\program files\ggpo\ggpo.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpo.exe |
"TCP Query User{335A89D1-4521-45A7-8CD4-EC8F316E31E9}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe |
"TCP Query User{34B946B4-9F83-40A5-A476-2CF628FCD5B8}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{373FBC99-B727-49DD-82B8-F8204B234FF8}C:\program files\trackmania nations eswc\tmnationseswc.exe" = protocol=6 | dir=in | app=c:\program files\trackmania nations eswc\tmnationseswc.exe |
"TCP Query User{395DD0BE-835B-41C9-9FCB-5FFD3CDDFCF1}C:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe" = protocol=6 | dir=in | app=c:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe |
"TCP Query User{3A611572-FFA4-4391-92B9-A118185B1F91}C:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat |
"TCP Query User{3FE36E7A-7329-4E77-8A02-3967CA619EE4}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{40DF8021-BBA3-450E-BE68-1A27D0E371B2}C:\program files\cs\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs\hl.exe |
"TCP Query User{49AD9413-60E8-4867-995B-E51B5AE864AB}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{4BAC9DEE-CA73-468D-82FD-A3C74E6CD303}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe |
"TCP Query User{4EEF7085-B773-465E-BC03-24902BBBF21E}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe |
"TCP Query User{4EF264CC-E02E-4EA8-AAF2-6CDF7C9851D1}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"TCP Query User{502C4013-20ED-4804-AE53-16A284DCE0F3}C:\program files\starcraft ii beta\versions\base15250\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15250\sc2.exe |
"TCP Query User{5700424A-0FA4-48F8-8DB9-66B9030093BE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{58996510-8210-41A4-B9F1-6ED9D378BF46}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{5A829F35-B525-4DE3-A924-46ACF1D7D752}C:\program files\thq\titan quest immortal throne\tqit.exe" = protocol=6 | dir=in | app=c:\program files\thq\titan quest immortal throne\tqit.exe |
"TCP Query User{5F510D55-7A57-4187-908B-B9F652003A05}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{5FD59323-F004-4828-A33A-3F6C6F3EC1C1}C:\games\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe |
"TCP Query User{5FDFC8DD-3387-4371-B667-2FD7EF6E7401}C:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe" = protocol=6 | dir=in | app=c:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe |
"TCP Query User{62D73F82-0A5C-456E-989F-D2AB84143012}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{62E56303-CCD5-4068-A44A-82FFDD81DE19}C:\program files\qtracker\qtracker.exe" = protocol=6 | dir=in | app=c:\program files\qtracker\qtracker.exe |
"TCP Query User{680C25F3-C563-4606-B00E-4AD3F0C8BD5C}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{6C66F01E-9DD1-42E4-B354-27EC6D34ED94}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe |
"TCP Query User{6D4AEB67-16B2-4077-82C2-EEEB53FB1EBB}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe |
"TCP Query User{6E17AE0D-3D9F-4B77-A9AF-354B3D698261}C:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe |
"TCP Query User{6E3A83BE-8A20-40E4-92F9-1643344E6EE5}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{6F3C7FD2-CB53-41FA-A682-07928FFB3139}C:\program files\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\fallout 3\fallout3.exe |
"TCP Query User{6F69610C-6016-41B3-8F09-CAA8B6D92363}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{724F7BD0-FE31-4DE5-8C12-BE5F4ABDB153}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{79B7A23B-CE88-441E-B11E-1EAE33D40055}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{7DA3FF45-C63E-4D9F-9BC2-7B7668F5CE9E}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{7EA86034-28BC-4BFB-92FF-B341CD7285C2}C:\program files\ggpo\ggpofba.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpofba.exe |
"TCP Query User{80E04C99-EF5B-46E8-97A6-ED092F7ED556}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{84469952-3483-4AF4-AAE0-1CECA98CCE94}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe |
"TCP Query User{89889EEF-4037-45B7-A511-5081685F9201}C:\program files\hercules\deluxe optical glass\station2.exe" = protocol=6 | dir=in | app=c:\program files\hercules\deluxe optical glass\station2.exe |
"TCP Query User{8A3CA26C-0A88-4CE2-BCDE-29487BAD6CFF}C:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe |
"TCP Query User{8C53A426-CF1C-47B7-BD37-E6572926F9A3}C:\games\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\games\left 4 dead\left4dead.exe |
"TCP Query User{8E056C0C-59E1-493D-A263-A8E58B094633}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"TCP Query User{9554062E-53E4-4DF2-AC90-1FA1D5860C08}C:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe |
"TCP Query User{96D1CAFB-4C7F-4C8F-94DC-DE2F70BD4D60}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"TCP Query User{9B5A9E28-4A60-4941-9CB6-8005B243F99E}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"TCP Query User{A8758638-54F4-4993-802C-27706E110F78}C:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{A97AD82C-2F29-4EB9-837C-792C69D9E7F3}C:\program files\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"TCP Query User{AD3D499E-C057-4E9D-B6AA-E9DCFF461941}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{AD5B3760-90BF-4B64-BA30-C9CF10D8A46C}C:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe" = protocol=6 | dir=in | app=c:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe |
"TCP Query User{B29D51FA-8EC7-4165-8C1F-DA3348BD1EB9}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{B5C53588-BBD1-42BF-A97B-D43B41756319}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=6 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe |
"TCP Query User{B63CDC5E-40C4-485B-A70C-7AA12A036586}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{B69B1E34-E03D-45AA-B1F4-2CDFBF30A8F3}C:\program files\steam\steamapps\acid-burn\half-life\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\acid-burn\half-life\hl.exe |
"TCP Query User{B7B65461-23A6-4F90-A888-DE4F4BAECDE3}C:\program files\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\program files\unrealtournament\system\unrealtournament.exe |
"TCP Query User{BE806842-B569-4476-8C70-A5F883878B0E}C:\program files\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"TCP Query User{C1C74643-A896-4899-B70D-58658639D5E8}C:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{CA90085E-166B-45C7-A133-E4131D202349}C:\program files\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"TCP Query User{D53911D6-E144-4FE8-8F97-7DDE054D0A7E}C:\users\human\downloads\flt-fif8\fifa08.exe" = protocol=6 | dir=in | app=c:\users\human\downloads\flt-fif8\fifa08.exe |
"TCP Query User{D544D8F1-77A2-4FBC-83F2-7F5005539DD3}C:\program files\ggpo\ggpo.exe" = protocol=6 | dir=in | app=c:\program files\ggpo\ggpo.exe |
"TCP Query User{D8C4CC8D-310D-4F7B-A7E1-3C4166B38354}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DF989667-3155-43FE-A84C-FB78DB0619A2}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe |
"TCP Query User{E36E58A3-C5BC-4414-A2C1-91865ECFDB63}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{E6113D2A-326C-4F6F-881C-E9629BF8D01E}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{E7190A22-089B-4CC7-A0C2-EF0FD0679FCA}C:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe |
"TCP Query User{EC97E04A-996D-4140-8B91-4A24DFCD35B8}C:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe |
"TCP Query User{EF34193B-B940-473B-B2FC-DB0B8A1D0710}C:\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\soldat\soldat.exe |
"TCP Query User{F3E9D09A-1517-4562-BD48-A278437052F3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F8618645-29B6-44B5-B967-A62215E7F689}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{F906E58C-C209-4962-BD0E-F545B2EF3A43}D:\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=d:\lionhead studios ltd\black & white\runblack.exe |
"TCP Query User{FDD2E893-C7FE-4388-8739-B8E5BB249AA6}C:\program files\kyodai mahjongg 2006\kmj.exe" = protocol=6 | dir=in | app=c:\program files\kyodai mahjongg 2006\kmj.exe |
"UDP Query User{0328D1E6-26FA-45CC-9097-98A5BC311F54}C:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe |
"UDP Query User{04A401BD-EB5C-4800-981D-E44FB07D538E}C:\program files\ggpo\ggpofba.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpofba.exe |
"UDP Query User{04CF06C1-CBDB-44CC-9A1C-ED953F1F432E}C:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\acid-burn\counter-strike\hl.exe |
"UDP Query User{0587D7AD-1A2B-4A9C-A24F-566C18EC27A2}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{0792CD51-BD83-4B2D-B2BB-3555A67911DD}C:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{0996C6CA-852F-4B34-B03E-03EE57E9B504}C:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\human\desktop\rocky\worldofwarcraftpatch1_11\wow-1.10.2.5302-to-1.11.0.5428-dede-downloader.exe |
"UDP Query User{0EDD0CB1-BB2F-4D43-B7EA-C882CB912B1F}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe |
"UDP Query User{1098E10E-3498-4A7B-A4E7-6B141267332C}C:\program files\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\fallout 3\fallout3.exe |
"UDP Query User{119BB6D1-B7BF-4262-921F-DC76FBE9B874}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe |
"UDP Query User{11F3B0E9-69BB-450E-963D-601C02E0F0A6}C:\program files\cs\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs\hl.exe |
"UDP Query User{151EF2FA-BF49-4D81-9EF0-9787659FB147}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe |
"UDP Query User{16F6EEA7-EE89-4299-9387-8E4FD1F398AF}C:\program files\hercules\deluxe optical glass\station2.exe" = protocol=17 | dir=in | app=c:\program files\hercules\deluxe optical glass\station2.exe |
"UDP Query User{1CA8DDBF-C7A6-441C-8AF6-CB1C762D8D80}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1E2440A0-C371-44F1-9574-2AE7C828D533}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{1E355C58-8025-4752-9E6A-4C4C3B1B6EE3}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{20B603F9-9872-4002-8AB7-F53E03032C42}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{21833FCA-F860-4739-A32F-447173B4B3FA}C:\users\human\documents\downloads\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\left 4 dead\left4dead.exe |
"UDP Query User{21995FEE-1C85-4F95-8315-FD09F2955CC5}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{26C3F154-048D-43C5-8A4C-8B662A9B76F5}C:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe" = protocol=17 | dir=in | app=c:\program files\atari\magic the gathering - battlegrounds\system\mtgbattlegrounds.exe |
"UDP Query User{26ED5FF3-58CA-4A47-8BAC-229F798EAF01}C:\program files\starcraft ii beta\versions\base15250\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15250\sc2.exe |
"UDP Query User{279C084B-A307-4A3C-8611-52FE3A1451F3}C:\program files\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"UDP Query User{28815B22-34B2-4CFE-9833-4D4671AD507F}C:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe" = protocol=17 | dir=in | app=c:\users\human\documents\lan-explorer downloads\listchecker\pickup.listchecker.exe |
"UDP Query User{28FACCD7-8BEC-4B71-8A4B-B5B54B4B16AA}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"UDP Query User{29FCF975-9B2D-42DD-87BB-DA816CB3FDD3}C:\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\soldat\soldat.exe |
"UDP Query User{2C18AD3B-02C3-4AE8-B7A9-417D8B1346EF}C:\program files\littlefighter2\lf2_v1.9c\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v1.9c\lf2.exe |
"UDP Query User{2E60C31C-7BC8-44D2-944F-E45EE4E3DB44}C:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\warsow_0.42_unified\warsow_0.42_unified\warsow_x86.exe |
"UDP Query User{3129ADE5-39A6-46D4-940D-094FF8980EC3}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{35FD6CA3-0D13-4C6A-A249-C791002A1E04}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe |
"UDP Query User{38B301B9-1DAC-4C4E-96F8-DA14A97AAAFF}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{4562A02C-A698-4834-A605-02C5578AC982}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{493FB3CB-F8F8-4D78-8088-69CEC1634AB3}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{50234F6F-372A-4E38-931E-B4A257920102}C:\users\human\documents\cs\hl.exe" = protocol=17 | dir=in | app=c:\users\human\documents\cs\hl.exe |
"UDP Query User{505FE28F-F344-4ADA-A1FC-47430F3834E1}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{555A2E2E-B99A-4D94-B2C3-4B49ADB882C4}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe |
"UDP Query User{566BD7C2-D147-48AF-A567-E59F85F90442}C:\program files\littlefighter2\lf2_v2.0a\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0a\lf2.exe |
"UDP Query User{5D150263-EFDB-42DA-8F5C-14F84579011F}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{6105355F-5C72-4CF5-BD5A-DE7CBBD7EC27}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{62144491-EC00-4890-896B-A7A3EB55994B}C:\program files\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\program files\unrealtournament\system\unrealtournament.exe |
"UDP Query User{68BF0453-5F16-4D80-A150-784D921EB16D}C:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\damdai\2df\freeplay\freeplay_emu.exe |
"UDP Query User{6C22498B-629F-46F5-9DA4-97B90B910943}C:\program files\ggpo\ggpo.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpo.exe |
"UDP Query User{6F1A290D-8629-440A-B8D1-4EFBE59F2A89}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{7923A9FA-350F-4A53-8099-B08E6A5F9B32}C:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\vlc-0.8.6d-win32\vlc-0.8.6d\vlc.exe |
"UDP Query User{7A1619BD-17AE-4733-8641-0F8D77D07E74}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe |
"UDP Query User{7A7831AE-704B-417E-9494-C65E45CE54E7}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{82AEC2D6-FB8D-4C15-8DEB-56F9DD150678}C:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{86466F83-AAA4-4DC7-81A9-E71E903B79BF}C:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\local\apps\2.0\gyr0ndye.q56\wbcbgvll.xyr\2dff..tion_fcdf29b345c9098a_0001.0000_89b83da73a004bb4\2df freeplay client.exe |
"UDP Query User{87BBFC6A-DCAF-4D5C-B496-A16C181C27C8}C:\program files\ggpo\ggpofba.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpofba.exe |
"UDP Query User{88C47A1F-901F-494C-9336-AC08D9E6F8CC}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{8B589085-F2FF-4919-A011-A2FEED65EAD7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{8CC5F2D5-1916-4A15-8DDD-ABC40EC3965F}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{90CC11F5-85E6-4A74-A59F-26A54566006B}C:\program files\thq\titan quest immortal throne\tqit.exe" = protocol=17 | dir=in | app=c:\program files\thq\titan quest immortal throne\tqit.exe |
"UDP Query User{931C8E54-87F6-4871-B8CB-A8AC48EC9F6F}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{9509E939-AEAB-4D35-A8C2-087F5B07A4A0}C:\program files\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"UDP Query User{9667317D-82D3-4D40-B2CC-E069EFBEFCEE}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{A313D448-C613-4613-80FF-FA94678D7BE8}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"UDP Query User{A6E553C7-48A1-4C20-87E9-F0E42AAA7F3E}C:\program files\steam\steamapps\acid-burn\half-life\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\acid-burn\half-life\hl.exe |
"UDP Query User{A798EE62-40D6-4DF8-8E8D-37D3C378D99F}C:\users\human\downloads\flt-fif8\fifa08.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\flt-fif8\fifa08.exe |
"UDP Query User{AAF96EB5-D968-4C1A-B51A-1AB8C8029309}C:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe" = protocol=17 | dir=in | app=c:\users\human\documents\downloads\stranglehold\binaries\retail-stranglehold.exe |
"UDP Query User{AB885977-266E-449A-BBFA-49207210CDAD}D:\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=d:\lionhead studios ltd\black & white\runblack.exe |
"UDP Query User{B0D4DF7B-24E4-40B8-B1F6-3A14DD203888}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B4C00B6A-92AF-489C-8010-C850E2B3CBFB}C:\program files\littlefighter2\lf2_v2.0\lf2.exe" = protocol=17 | dir=in | app=c:\program files\littlefighter2\lf2_v2.0\lf2.exe |
"UDP Query User{B7112EC1-90B4-4A53-A7A4-9CD58430482F}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"UDP Query User{B8EA392C-E925-4ED4-98EB-4DCF2268BE43}C:\program files\kyodai mahjongg 2006\kmj.exe" = protocol=17 | dir=in | app=c:\program files\kyodai mahjongg 2006\kmj.exe |
"UDP Query User{BE874B03-8128-4B87-9379-58F264FF1C56}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{BE9363C7-FE79-4A6F-A69D-96FE2E9D9BDD}C:\games\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=c:\games\dragon age\bin_ship\daorigins.exe |
"UDP Query User{BF874A29-9DED-4E11-AD3B-3CDD1B4767B0}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{C27D8C6D-F6ED-4ABE-BC86-7D6651B1D52D}C:\program files\qtracker\qtracker.exe" = protocol=17 | dir=in | app=c:\program files\qtracker\qtracker.exe |
"UDP Query User{C410CB29-11B1-4410-A6DC-590BDFB871BA}C:\program files\microsoft games\impossible creatures\ic.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\impossible creatures\ic.exe |
"UDP Query User{CACE44D8-8361-499A-9094-ABFD66322BA3}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{CB9F9CF9-614D-48DF-BD5E-127C437A2BAF}C:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\program files\qip\users\******\rcvdfiles\******\wow-burningcrusade-dede-installer-downloader.exe |
"UDP Query User{CCA12702-7E11-4C98-8F48-96F70A20AE01}C:\users\human\downloads\starcraft\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\human\downloads\starcraft\starcraft\starcraft.exe |
"UDP Query User{D56645A8-C38F-4D6E-B791-D3599A50A00F}C:\program files\trackmania nations eswc\tmnationseswc.exe" = protocol=17 | dir=in | app=c:\program files\trackmania nations eswc\tmnationseswc.exe |
"UDP Query User{D66A3332-615F-4D22-95DC-71F14325A7D2}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands - kopie.exe |
"UDP Query User{D75FCE78-A7A1-4D63-9C7E-CBFF441F8264}C:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\street fighter iv\streetfighteriv.exe |
"UDP Query User{E15B99D2-CB67-4D8C-95CA-070A5A94BE7A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{E2B8D6A0-5342-4225-B605-22705EBBF4B7}C:\program files\cs\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs\hl.exe |
"UDP Query User{EA3B1D3E-9566-4C6C-904F-AF36BD8667CC}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{EC15F6B0-954B-40A0-AFF1-5ECC719D9352}C:\games\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\games\left 4 dead\left4dead.exe |
"UDP Query User{F67CE442-6312-4BAA-B497-36C82EE2BFE4}C:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe" = protocol=17 | dir=in | app=c:\programdata\microsoft\windows\start menu\programs\ea sports\fifa 08\fifa08.exe |
"UDP Query User{F86C8511-250B-451C-9EA3-58908F44AADE}C:\program files\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"UDP Query User{F974F1DA-2ECB-4E7A-8190-EC7A1C532B7B}C:\program files\ggpo\ggpo.exe" = protocol=17 | dir=in | app=c:\program files\ggpo\ggpo.exe |
"UDP Query User{FA81E9CA-B23F-419D-9D30-8A1C196F2FC6}C:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kanes rache\retailexe\1.1\cnc3ep1.dat |
"UDP Query User{FB0FECD8-08E2-4EC7-8D50-0E28F8BADD8B}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe |
"UDP Query User{FDA2F273-98A7-4553-A688-BD4DD5F5F861}C:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\human\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{FDEE16AD-203B-45BA-953D-522E40BD65D4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0C88C4A1-A9D7-4C28-8F06-4C2048765193}" = Magic The Gathering - Battlegrounds
"{10209B87-55D6-493E-A30A-12A265AA324E}" = TQ Defiler
"{130C75DC-9DA0-486A-837F-26987EE0A228}}_is1" = Helium Music Manager 2006 (build 5058)
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 15
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}" = Male Voice Pack
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56298F72-C2CC-4FE5-ACEA-30C7A866BF4C}" = Hercules Deluxe Optical Glass
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{68BD9036-0952-4849-AE7A-963BB53EDB71}" = GGPO
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69EA986B-B172-4FAA-B54D-853BD3A2B264}" = Popcap Game Collection
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B2B0D05-2B4A-4855-A47B-D69CD9E3CDD6}" = Impossible Creatures 1.0.1
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81935798-5D0C-4892-832E-630E6CC07EAF}" = Morrowind
"{8245C111-D83F-4C66-BBC6-2424F6116944}" = TES Construction Set
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9cc89170-000b-457d-91f1-53691f85b223}" = Python 2.6.1
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3382A07-BFF1-4A8D-9524-DEF82AE3F58B}" = League of Legends
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B6A24D2D-1ADB-4553-87FD-38F3FAADC18E}_is1" = The Book of Unwritten Tales 1.0.0.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC5AB595-ABEA-42D3-BD4F-C8014EB20F2B}" = Falk Navi-Manager
"{C1371095-71D0-42C2-B766-43D72278C3DC}_is1" = StoneLoops! 1.05
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C541EEFC-49B0-4976-80DB-4D5B78B50114}" = MorphVOX Pro
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2AD071E-2E86-4E8A-AA66-E8E222F84CDE}_is1" = Replay Explorer 3.0.1
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Any Video Converter_is1" = Any Video Converter 2.7.5
"ASIO4ALL" = ASIO4ALL
"Bookworm Adventures Deluxe 1.00" = Bookworm Adventures Deluxe 1.00
"Collab" = Collab
"Counter-Strike: Source v17" = Counter-Strike: Source v17
"Crayon Physics Deluxe_is1" = Crayon Physics Deluxe - release 51
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II" = Diablo II
"DotAzilla" = DotAzilla
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.9.14
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Garena" = Garena
"Heavy Weapon Deluxe 1.0" = Heavy Weapon Deluxe 1.0
"Hero Fighter" = Hero Fighter
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"Impossible Creatures 1.0" = Impossible Creatures
"Insaniquarium Deluxe 1.0" = Insaniquarium Deluxe 1.0
"Insaniquarium_Patch_Installer_1.2" = Insaniquarium Patch Installer 1.2
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"IrfanView" = IrfanView (remove only)
"Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.2
"LAN-Explorer" = LAN-Explorer
"Launch of the Screaming Narwhal" = Tales of Monkey Island - Launch of the Screaming Narwhal
"League of Legends_is1" = League of Legends
"Little Fighter 2 version 2.0a" = Little Fighter 2 version 2.0a
"LogMeIn Hamachi" = LogMeIn Hamachi
"LucasArts' Curse of Monkey Island" = LucasArts' Curse of Monkey Island
"LucasArts' Monkey 4" = LucasArts' Monkey 4
"Machinarium" = Machinarium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Moorhuhn 2 V1.1" = Moorhuhn 2 V1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Natural Selection_is1" = Natural Selection 3.2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PangYa_Eu" = PangYa_Eu (Goa)
"PC Wizard 2008_is1" = PC Wizard 2008.1.84
"Pcsx2_is1" = Pcsx2 0.9.2 Watermoose
"Pen Tablet Driver" = Stifttablett
"PoiZone" = PoiZone
"PROSetDX" = Intel(R) PRO Network Connections 12.1.12.0
"PunkBusterSvc" = PunkBuster Services
"QIP Infium_is1" = QIP Infium 2.0.9020 RC3
"QIP2005" = QIP 2005 Uninstall
"Qtracker" = Qtracker
"Runic Games Torchlight" = Torchlight
"ScummVM_is1" = ScummVM 0.13.1a
"ST6UNST #1" = Hero Editor V0.96
"StarCraft II Beta" = StarCraft II Beta
"Steam App 10" = Counter-Strike
"Steam App 21660" = Street Fighter IV
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Siege of Spinner Cay" = Tales of Monkey Island - The Siege of Spinner Cay
"TmNations_is1" = TrackMania Nations ESWC 1.7.9
"Toxic Biohazard" = Toxic Biohazard
"TreeSize Free_is1" = TreeSize Free V2.3.3
"TVUPlayer" = TVUPlayer 2.4.9.1
"Uninstall_is1" = Uninstall 1.0.0.1
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"UT2004" = Unreal Tournament 2004
"Veoh Web Player Beta" = Veoh Web Player Beta
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"YASA Video Converter v3.4 (build 0065)" = YASA Video Converter v3.4 (build 0065)
"zbattle.net_is1" = zbattle.net 1.09 SR-1 beta
"Zeno Clash_is1" = Zeno Clash
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Fallout 3 - Complete DLC Pack" = Fallout 3 - Complete DLC Pack
"Muziic Player & Encoder" = Muziic Player & Encoder
"NoNameScript" = NoNameScript
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"QIP 2005" = QIP 2005 8095
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.05.2010 08:18:55 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 10.05.2010 09:34:42 | Computer Name = Kyoto-Shi | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gta_sa.exe, Version 0.0.0.0, Zeitstempel 0x00564544,
 fehlerhaftes Modul D3D8.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4791a65b,
Ausnahmecode 0xc0000005, Fehleroffset 0x6567696c,  Prozess-ID 0x1670, Anwendungsstartzeit
 01caf03e9209151e.
 
Error - 10.05.2010 11:57:06 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 11.05.2010 08:29:49 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 12.05.2010 08:28:24 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 12.05.2010 19:36:16 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 13.05.2010 04:59:47 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 14.05.2010 04:37:44 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 14.05.2010 06:46:08 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
Error - 14.05.2010 15:18:22 | Computer Name = Kyoto-Shi | Source = LoadPerf | ID = 3001
Description =
 
[ System Events ]
Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
 
Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
 
Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
 
Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
 
Error - 13.05.2010 16:39:26 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
 
Error - 14.05.2010 04:31:30 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016
Description =
 
Error - 14.05.2010 05:18:28 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Firewall | ID = 6400
Description =
 
Error - 14.05.2010 06:40:11 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016
Description =
 
Error - 14.05.2010 06:40:46 | Computer Name = Kyoto-Shi | Source = Microsoft-Windows-Firewall | ID = 6400
Description =
 
Error - 14.05.2010 15:12:04 | Computer Name = Kyoto-Shi | Source = HTTP | ID = 15016
Description =
 
 
< End of report >
Ich möchte noch beitragen, dass ich während des OTL scans 3 Fehler-Meldungen gekriegt habe, welche ich mit Wiederholen beantwortet habe (falls Interessant würde ich noch einen Scan durchführen und diese diesmal notieren).


Gruß,
Mihael

cosinus 14.05.2010 21:56
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
[2010.05.14 11:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Human\AppData\Roaming\lowsec
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Human 15.05.2010 17:39
Hallo cosinus,

ich bin jetzt seit 6 Stunden am fixen, jedoch war ich mir vorher nicht bewusst, dass dies solange dauern würde. Dauert dies immer so lange?

:dankeschoen: für die bisherige Hilfe!

cosinus 16.05.2010 18:47
Nee eigentlich nicht. Lief er denn druch oder ist OTL bzw. Dein Rechner abgestürzt?

Human 16.05.2010 19:41
Hm.. irgendwas muss schief gelaufen sein, jedenfalls habe ich nach 12 Stunden das Programm mit Gewalt geschlossen und habe dann rebooted. Nach dem reboot hat Windows nicht mehr gebooted - habe also auf Windows 7 geupgraded und musste feststellen, dass ich viele viele Dateien verloren habe, ca. 50-70gb :/
ärgerlich

cosinus 17.05.2010 10:53
Zitat:
habe also auf Windows 7 geupgraded und musste feststellen, dass ich viele viele Dateien verloren habe, ca. 50-70gb :/
Mach sollte eigentlich vor jeder Windows-Installationsgeschichte Backups machen. Eigentlich hat man so wieso immer Backups :rolleyes:


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:10 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55