| stigma83 | 12.09.2012 19:31 |
Danke nochmal, hab es nun mit dem IE gedownloadet gab da wohl ein Problem mit Firefox.
Hier die Daten.
EXTRA.TXTOTL Logfile: Code:
OTL Extras logfile created on: 12.09.2012 20:15:36 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\stigma\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,33 Gb Available Physical Memory | 83,32% Memory free
8,17 Gb Paging File | 7,65 Gb Available in Paging File | 93,69% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 3,65 Gb Free Space | 7,48% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 30,66 Gb Free Space | 62,80% Space Free | Partition Type: NTFS
Drive E: | 123,05 Gb Total Space | 26,48 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive F: | 126,20 Gb Total Space | 32,77 Gb Free Space | 25,96% Space Free | Partition Type: NTFS
Drive G: | 120,11 Gb Total Space | 27,80 Gb Free Space | 23,14% Space Free | Partition Type: NTFS
Drive H: | 129,15 Gb Total Space | 65,59 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
Computer Name: STIGMA-PC | User Name: stigma | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "h:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "h:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "g:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "g:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "g:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "h:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "h:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "g:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "g:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "g:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = 00 AF B5 BE C4 BA C9 01 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0008D118-A13E-44B8-8811-FE0FB9A969EA}" = lport=6888 | protocol=17 | dir=in | name=league of legends launcher |
"{0815E6A3-0E01-403B-BDD3-13BB3805F619}" = lport=6911 | protocol=6 | dir=in | name=league of legends launcher |
"{0A6EDFB3-6790-4557-AA0F-EA301330E628}" = lport=6911 | protocol=17 | dir=in | name=league of legends launcher |
"{0B587427-FF87-4484-B823-79B6FB4C5990}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{2032926A-3BEA-4F08-A685-83525B5AA124}" = lport=6937 | protocol=17 | dir=in | name=league of legends launcher |
"{2464CF9B-FFE3-4462-AAAE-770DFFCB6F53}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{29C85B32-5E03-42E3-8007-DEC413201933}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{2D03E443-14E8-4CA1-B837-36DE1348C2C5}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher |
"{32658298-749F-4459-AC35-654C93FC4F75}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{363964A9-1A6C-4EE7-BB61-E3DDA0CAD07A}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher |
"{3FC50326-F1C8-4322-943D-63CC9C03CAEF}" = lport=6907 | protocol=17 | dir=in | name=league of legends launcher |
"{412F5BCE-B9FD-46B2-A99C-6FCE8F0CDC8D}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{468105E1-9474-4031-892D-2D4ABAFEF754}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{4BC4F5A3-1C07-47AD-8B9E-8AF506D0F2FE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{4C43673C-DBB1-4070-830C-CAF94145D1A5}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{4CA2459B-9716-448E-AF48-EDDE8F39FA7B}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{4FCF7640-5C77-4BB3-B748-AD80484B7323}" = lport=6925 | protocol=17 | dir=in | name=league of legends launcher |
"{51CCAD22-CC1E-4FBF-BAA1-5A4ACE31DEDA}" = lport=6888 | protocol=6 | dir=in | name=league of legends launcher |
"{5B91F838-75D4-4C14-A457-AFEEA9045226}" = lport=6917 | protocol=6 | dir=in | name=league of legends launcher |
"{6624C448-317B-4A25-A00D-EF907FBC5D88}" = lport=6907 | protocol=6 | dir=in | name=league of legends launcher |
"{67D7B07B-8112-4AFE-A9F1-FF2D476E9CEA}" = lport=6899 | protocol=6 | dir=in | name=league of legends launcher |
"{67DC3B9F-4B0F-4F4F-A601-30F136A58299}" = lport=6983 | protocol=17 | dir=in | name=league of legends launcher |
"{709CE856-19E3-4190-8D69-BFC4CA11579E}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{79A271B1-8527-42AE-8BBE-6E10860EE32F}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{7E1E4ABB-72AD-427C-B225-0EC2C3270683}" = lport=6899 | protocol=17 | dir=in | name=league of legends launcher |
"{80247871-A978-44AF-A5CB-093A71E5CA03}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher |
"{896FE628-4D8E-4CE6-B85D-EA3F4DE9AAF1}" = lport=61238 | protocol=6 | dir=in | name=akamai netsession interface |
"{89DE56A6-1230-4D11-BBFD-90A7DB6DA2F8}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{8A9085D8-0912-46BF-9A05-656893C63B5C}" = lport=6933 | protocol=6 | dir=in | name=league of legends launcher |
"{8BB7DB6E-8A95-455E-9152-43B0D8B27A86}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{8C248E93-985E-491B-9F8D-53FCCACAD08D}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{8F66ABF2-CFCD-4D31-95E2-09A08D668F06}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{96209835-6270-4E0C-A6D8-1BC1F08AE431}" = lport=6937 | protocol=6 | dir=in | name=league of legends launcher |
"{99686768-906F-4B62-8837-E681C8737AAE}" = lport=49169 | protocol=6 | dir=in | name=akamai netsession interface |
"{9A2F6352-763C-41BA-B8B8-FEF830F90176}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher |
"{9C28786B-A957-45A8-946D-2F1A2992A851}" = lport=6952 | protocol=6 | dir=in | name=league of legends launcher |
"{9D3A84C1-3E4B-43E5-99BE-636B67CB73B2}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{9EDC5AE5-B2F8-402B-988B-8AC6FE0E6A06}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{A3CE3E13-11B9-4042-B39D-C6F0A6BF5B83}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{AEBE2C84-34B3-4021-BC97-89B5D89E3C85}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{BC904F53-4190-4EA2-87EB-570551E27008}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher |
"{BFAF6CC9-04C9-4FB9-BC0D-DCC1EBC59FB0}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher |
"{C06A854B-EA0D-4505-A534-50F3583657E2}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher |
"{C201F651-3455-4656-B754-ABCCD039736B}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{C7CAEF32-BD3B-40B1-B450-D782E5723C0D}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{C84E98E0-AC69-44EA-B18F-50EDA7E46160}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{D67A209A-20F2-47EC-B6F9-BC30DCF4AB8E}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher |
"{E455E7E5-E432-4676-90C7-492F8E9086F7}" = lport=6952 | protocol=17 | dir=in | name=league of legends launcher |
"{E4842709-F96C-4305-9AE7-EA48DE531D9D}" = lport=6925 | protocol=6 | dir=in | name=league of legends launcher |
"{ECFE67F6-A2A8-41D4-8E98-3F60C57AB5F2}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{EED46F70-BA59-4B90-A21F-83854078A54C}" = lport=6933 | protocol=17 | dir=in | name=league of legends launcher |
"{F27E7682-8A96-46C5-8816-A717A1F649E6}" = lport=6983 | protocol=6 | dir=in | name=league of legends launcher |
"{F6C16882-68FB-488F-9F58-504DECF9A3C2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FA09E934-CB1C-4D20-A27D-14BDA79B08BE}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{FDF97822-9412-4F8E-B597-B01455A28F30}" = lport=6917 | protocol=17 | dir=in | name=league of legends launcher |
"{FEB9864C-42E9-4F25-8C65-678E727CF52F}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009A133F-A123-484A-BB60-E986F2AAD797}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{01FC0126-5502-408A-A21E-1146329B1BE3}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_mapeditor.exe |
"{0457C1E1-24F1-4F87-8AD2-1628E89A13A6}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{056416D4-BB0D-47A4-97E1-C052B00AF6A3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{0946FF23-EDE6-4925-A05D-D46207C47390}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{0BD046B1-EBE3-4B2C-8172-9E81D2740BAA}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\docs\ea help\electronic_arts_technical_support.htm |
"{0C76C637-AC16-4C3F-90EC-3AF637D04FBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0EC47895-7897-4A85-B6B0-747B6AF04F4F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{0FCB42E0-9D50-473C-BA3E-9CFF4E257167}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{100D7512-8EE6-4D17-B62B-231C08E95FDA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{144A2B90-1A08-49AF-8110-BBDA5FBF0BEE}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{1522759B-FB2F-479F-BEA1-F2F6089EBB0F}" = protocol=17 | dir=in | app=g:\program files (x86)\league of legends\game\league of legends.exe |
"{156F4B5A-D79E-42BC-A265-54BA41D249B0}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{15D8C361-B50C-415F-9F13-A20EC245816F}" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe |
"{162D154F-FD2E-4C7B-B816-1A05FB068795}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\titan quest immortal throne\help.htm |
"{176B1D3A-D6B1-4C76-83CF-FCB529600651}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\darkspore\support\ea help\electronic_arts_technical_support.htm |
"{17CAE3E3-AA78-466B-B739-15DAA98E4FD6}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{1A536062-286A-4626-877C-A22222334A45}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1CEBB88F-1D63-4B5C-A2F2-9B918B8E952B}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\autorun\exe\autorun.exe |
"{23BF3561-2DB5-47D5-A7BC-4FCDE25AAF0B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{24921D08-1DE1-4133-A057-D66F7F2B95B7}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\titan quest\titan quest.exe |
"{24F92BF0-D0AF-4E87-988D-6CCEF9635928}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_game.exe |
"{2620F224-5F7B-4B35-9E02-BAAA93466622}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\darksiders\darksiderspc.exe |
"{2671134A-A4F2-459E-BFF2-316B14355735}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{299AD6F1-7FCC-4D67-AE40-1D4437402829}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{2B898A50-FA0B-420D-AED2-74C7084E769F}" = protocol=6 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"{2BBE6250-8494-407E-9325-0806A5D16A3A}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{2EA8DA34-11D1-4C1A-BD25-8DE5AF28932D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{2F379C32-DBAF-47E1-887C-A9F313FF7D07}" = protocol=6 | dir=in | app=g:\program files (x86)\league of legends\game\league of legends.exe |
"{38C07B62-6485-46F7-827D-9BDAA9A25875}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{3A52E89B-1F5F-4C42-84D3-6D87731692E9}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{3F02077A-40E8-436C-B349-8FE82BD53357}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{3F1899F0-AD01-42D8-B55F-6A792F123532}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\fallout tactics\ft tools.exe |
"{415E3589-11DD-423D-BE7E-A8D201FFDDA9}" = protocol=6 | dir=in | app=f:\programme\steam\steam.exe |
"{43093BD6-3EAE-4FDD-8CDA-60BF9DDB6296}" = protocol=6 | dir=in | app=g:\program files (x86)\league of legends\air\lolclient.exe |
"{452D7045-D86B-4E3A-AE51-95ECB475396C}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\fallout tactics\bos.exe |
"{46DF5D2A-0FA9-4D18-B159-763FBA0A78AD}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{46EFC831-BF60-4CDC-B803-6BE5B008CBC2}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dawn of war 2\dow2.exe |
"{4A1C99F6-4D80-4576-9589-5EF6ADDFE035}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{4A677671-AFDE-43AE-8D8D-9AF130F355D8}" = protocol=17 | dir=in | app=f:\programme\steam\steam.exe |
"{4B71D941-5C3D-4789-B9D3-B6E352CC0D99}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\titan quest immortal throne\help.htm |
"{4C634E91-93BB-4924-8A7B-E66238B744B4}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\resident evil operation raccoon city\raccooncity.exe |
"{4D04C4DD-10D6-4113-A18D-7A0C748DD1BE}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\darkspore\darksporebin\darkspore.exe |
"{4F329BC3-A9B3-48D4-B76E-0574B58007F4}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{4F6B464B-B393-43C5-9488-B01CAAC7505D}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{52EC9CF6-2AB3-4229-B2F0-9D5E773A09FA}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{55B7074C-A8CC-467B-B3C0-FCDBD6935F13}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{5744495E-C994-4DCD-83D2-91F889A8F886}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{5B30F9A9-B2DC-4268-8023-9468C6695FB3}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{5D11CA75-1C42-4BBC-B738-B7CB9D31DD21}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_mapeditor.exe |
"{5FDDFFC5-F61F-4D29-9709-7A04E6B25B9F}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\alien swarm\srcds.exe |
"{6247856D-4D8B-4727-AE5B-8E517CF1D6F5}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\jabia\jaggedalliancebia.exe |
"{654EEC9A-88FF-48DE-BB53-A52713839AD9}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{661BEEDE-6295-4E0C-859A-CA0CBF2548EF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{6624C8E8-3D9D-4DB6-880E-F12919F9298B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{66362DE0-520B-4E02-96A2-361A1B7E2FD8}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\age of conan\conanpatcher.exe |
"{68066ADF-5D4C-4795-8618-68A0CA3C39F7}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\daoriginslauncher.exe |
"{68E98CEA-58C2-4546-8E92-971B853D83AB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.403\agent.exe |
"{68ECD4AD-814E-4BB8-9411-E4215BBC835B}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{6C248F9C-E55D-4B37-8849-F60301759FF5}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{6CA22815-83E8-425B-AD8F-4EA51E4B3B1D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\daoriginslauncher.exe |
"{6D300885-F7F8-4CF3-A8CD-F0792E661970}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe |
"{6D906E60-F45A-499E-96CB-3C128FBA2557}" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe |
"{707C119F-460A-4118-B4D1-F8639CFD09D0}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{709AB3A9-8853-4CDF-BF88-F40822234D53}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{71040992-79B4-4BF2-B701-CCFC60D3B40C}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_mapeditor.exe |
"{721E0DE0-3114-4269-BD40-8C8501A9D2E8}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\jabia\jaggedalliancebia.exe |
"{752229D1-1349-4468-A8B7-EE4DC22AF8FC}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\alien swarm\swarm.exe |
"{7533B52F-FB0C-490B-8442-1D1F820F2A09}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe |
"{7601623B-DB4F-4502-8F64-1A3F99346913}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\darksiders\darksiderspc.exe |
"{765A7FFD-90DA-453B-BE2A-9C3788B4040D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe |
"{79856F74-8DBD-4B96-B5E8-CF00CB4A0EA0}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{7A435241-ABE6-4358-9BE3-D3019E303BF1}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe |
"{7B85CB75-6589-4EB2-A6BB-A82B643709AC}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{8191EDDA-3EA1-4DE8-9868-588B6F3C7C67}" = protocol=17 | dir=in | app=g:\program files (x86)\league of legends\lol.launcher.exe |
"{844FE89B-F898-41A3-A0C0-46FA8ACE3086}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{84CCAF84-D883-4B96-AFE1-9B1BF98BDDEE}" = dir=out | app=c:\program files\eslwire\wire.exe |
"{84EBDEEA-F6F0-4AAE-BCBF-6BF11532FA53}" = protocol=17 | dir=in | app=g:\diablo iii\diablo iii.exe |
"{84EC687B-ADFF-4EAA-BB2C-35119A6CDD83}" = protocol=17 | dir=in | app=h:\electronic arts\dark age of camelot\camelot.exe |
"{86DF4D67-FD17-4CB5-B931-F1962404B4E8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{879DF1EC-67B4-478C-89D7-A0DAE7551752}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\autorun\exe\autorun.exe |
"{87AFC87B-001A-4F43-B420-9989A00D35C6}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{882E895E-38D8-4F4D-AB4D-267BEFEC8353}" = protocol=17 | dir=in | app=g:\program files (x86)\league of legends\game\league of legends.exe |
"{890BAFC3-BE66-4228-AD87-679344DEBFA8}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{8959294A-104B-4F50-9383-77015A899F74}" = protocol=17 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{8D34D806-9878-428D-8023-F16C6648F7E9}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\fallout tactics\bos.exe |
"{8EA7C86F-D20E-49F2-8343-2DDA9E9152FB}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\empire total war\empire.exe |
"{8F1434E6-00BA-4A89-92E2-92E98BC3C1DF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.404\agent.exe |
"{8F29F457-6EAE-44CC-9960-6AA31F282FBC}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{8FE14426-FC45-4774-982A-C8802CD3E0A7}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\titan quest\titan quest.exe |
"{91DBB718-FB66-4C59-869A-8A62702CFB57}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\empire total war\empire.exe |
"{95886DAB-4F9F-47B3-9F33-B558C39F83D7}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\titan quest\help.htm |
"{97F5DE8E-F370-479C-882F-59A5CFD6C741}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{98BE23B6-1E7B-49C5-B3DA-65D38D558647}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{995578DB-E826-4B53-B8A8-3D8962B9FFB7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.403\agent.exe |
"{9A9B19D8-BFC8-4B10-A5BA-3F1F7E46A5C0}" = protocol=6 | dir=in | app=g:\diablo iii\diablo iii.exe |
"{9ABE6F79-4602-442A-899D-F49EBB98E4EE}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{9ABFBB17-505C-4E36-A273-D81D3051142B}" = protocol=6 | dir=in | app=g:\program files (x86)\league of legends\game\league of legends.exe |
"{9B461280-607C-4254-8644-9FC3D0F9F96F}" = protocol=6 | dir=in | app=g:\program files (x86)\league of legends\air\lolclient.exe |
"{9E0C1F0C-45E5-4549-8805-FB83353F449C}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{9E59BDB7-78DB-4C7D-90E9-8FFCC1BC1D50}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_game.exe |
"{A348D1AF-841D-40D3-9190-89C3D5B65613}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{A46B261F-3834-4BD4-90F4-B34F79856A4C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.404\agent.exe |
"{A492076E-7D5A-4074-AAFF-324CAC5C638B}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe |
"{A9F62C26-A395-44A6-9240-B59526D5164A}" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"{AA016FC5-B6D5-4B08-BBDC-2CF3CCC38E11}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\darkspore\support\ea help\electronic_arts_technical_support.htm |
"{B12581E3-30D2-4821-8C5C-0DDD3228B63F}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe |
"{B1BCB2AC-9310-46E9-95D8-4A517407C220}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\daoriginslauncher.exe |
"{B24BE864-D264-4AC6-9E4C-62FDF282E801}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dawn of war 2\dow2.exe |
"{B26C172E-CB8F-40CA-93D1-BCAC7EAC8ACA}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5 tribes of the east\bin\h5_mapeditor.exe |
"{B8A735AC-82FF-442A-B970-35CB3C1BA2CE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{B9A77E27-3280-4AFB-B2F6-04E478F4B06F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{BBA37955-7B3E-4AE0-864E-5F43F04E1420}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{BC1EBA29-8440-4320-8FEA-545C4703A0A1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BC7F768E-23EF-4895-8F3C-A3E3D0E20D38}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{BD858F2F-DFFF-46A0-B982-52DD02919823}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{BE25D03F-818F-4144-B3FF-722BAF8C715B}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{BF9D1502-F421-4EB7-9155-C3C4EB8A1C83}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\resident evil operation raccoon city\raccooncity.exe |
"{C07EC4B7-F2F4-46A3-8689-9F2078BD999F}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{C1F6A015-6314-42D5-AE18-BFA545721D82}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{C2BD2D57-1799-4396-B30A-2EF2FDFCB0C4}" = protocol=6 | dir=in | app=h:\electronic arts\dark age of camelot\camelot.exe |
"{C6B946AF-9CB3-4526-9A41-C6E1FDD1D542}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CC68DC6A-AAC7-409B-8CB1-AC30159EDE84}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\alien swarm\swarm.exe |
"{CCBA09FC-04FB-48F7-BF60-BF4418010E08}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\darkspore\darksporebin\darkspore.exe |
"{CDADCED7-5E23-4F39-A239-9F1E0748CA75}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe |
"{CF6CE996-C332-4AB0-AE0E-9CFE65195318}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{D2046DC2-F29A-490B-93DB-27E4164F2A67}" = protocol=17 | dir=in | app=h:\ea\darkspore(tm)\darksporebin\darkspore.exe |
"{D32402D2-6413-4F6E-BA3E-51784EA1D480}" = protocol=17 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"{D4F50A87-A1A8-448B-A02D-B3CF6C7CC295}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\prof.immortal\counter-strike\hl.exe |
"{D92CDE5C-8987-423A-BCE0-342037303D91}" = protocol=6 | dir=in | app=h:\ea\darkspore(tm)\darksporebin\darkspore.exe |
"{D9A3B87E-4168-4F1B-8C53-4B8603F48A7A}" = protocol=6 | dir=in | app=g:\program files (x86)\league of legends\lol.launcher.exe |
"{DE2249B7-B739-4332-91FA-39B52FC7D55E}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\heroes of might and magic 5\bina1\testapp.exe |
"{DF6C97B8-E2F3-4508-A7C5-FE551B108704}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\fallout tactics\ft tools.exe |
"{E1B29667-EFE3-4FEF-9AD7-2E896D2F146D}" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\titan quest\help.htm |
"{E3597D15-C108-445F-AAC9-D166B0D76F88}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\age of conan\conanpatcher.exe |
"{E4E7B49F-2510-43FB-8E1C-7A1CFB8A5295}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E5DA9D3C-EFA4-49A4-8B22-58166137617B}" = protocol=17 | dir=in | app=g:\program files (x86)\league of legends\air\lolclient.exe |
"{E627D44A-D105-4AD0-A0A2-72B80CD0B6EF}" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"{E6FEAFD4-B0EC-4F20-9A44-22EE06165204}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe |
"{E7502855-4137-43F3-B6CD-F683B27A6809}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{E97B7AFA-F411-45DC-BA25-595385D66F22}" = protocol=6 | dir=in | app=g:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4server.exe |
"{E9C99027-2B66-413D-A990-8944C0164CF7}" = protocol=6 | dir=in | app=g:\programme\steam\steam.exe |
"{EAA8A5DA-035A-4C14-897D-AAE924EC4B01}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{EB8FFCF9-DC50-4D92-B775-F597D3D0964A}" = protocol=17 | dir=in | app=g:\programme\steam\steam.exe |
"{F3E8D1D2-1BE9-4C9E-A3CC-F6F106738D70}" = protocol=6 | dir=in | app=h:\games\star wars-the old republic\launcher.exe |
"{F4E3E342-6171-4F30-9A8A-F03EF3DBFD58}" = protocol=17 | dir=in | app=g:\program files (x86)\league of legends\air\lolclient.exe |
"{F667E339-9C7C-49B7-9795-D80BBE759703}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\dragon age origins\daoriginslauncher.exe |
"{FCDB4ECF-96D5-4469-84E6-2E5C4BD326C7}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\alien swarm\srcds.exe |
"{FCF6DB30-9CAA-495E-A765-EE1C71FEA42D}" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\dragon age origins\docs\ea help\electronic_arts_technical_support.htm |
"{FE772975-9585-4F10-8F6C-FC2C688E4504}" = protocol=17 | dir=in | app=g:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4server.exe |
"{FF559402-E2FC-4B0F-9133-DE604CACDBB6}" = dir=in | app=c:\program files\eslwire\wire.exe |
"TCP Query User{00895441-A773-405B-951B-E526766AF67B}H:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{0DE15CD5-1097-44F7-A521-6AA0B71BE963}G:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=g:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{180AAA2F-974E-4227-AE24-5F0468602DF4}H:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=h:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
"TCP Query User{1ABF13F2-7872-4A8E-AF9B-363F31C49BA5}C:\programdata\battle.net\agent\agent.516\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"TCP Query User{1AE342E4-39B4-4238-BCEC-90D95ABE37C7}F:\programme\capcom\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=f:\programme\capcom\resident evil 5\re5dx10.exe |
"TCP Query User{2DB8AFE8-3594-4289-B157-046BA5E68ED0}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{30FF1626-B80A-4875-B495-4E2B57ADC241}C:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{33853F5B-15D1-45D2-B9FC-202740F8BE1C}F:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe |
"TCP Query User{355607EB-BA72-4D05-BF93-E3EB916FEA65}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"TCP Query User{3FC040F8-B61F-482D-BFD6-661FBA0C7253}E:\programme\emule\emule.exe" = protocol=6 | dir=in | app=e:\programme\emule\emule.exe |
"TCP Query User{400C1A3F-70A8-40B8-9E58-61B28CC45AA2}H:\c&c\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe" = protocol=6 | dir=in | app=h:\c&c\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe |
"TCP Query User{42151734-4A45-403B-B4DB-AAE0A6C2A2A2}H:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{42E32B06-1064-4941-AA5B-2A32910B7357}G:\wtv\wtvclient.exe" = protocol=6 | dir=in | app=g:\wtv\wtvclient.exe |
"TCP Query User{439046C7-196C-432A-B2B9-5FDA432E703C}E:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"TCP Query User{4F8FC7E5-25AA-4C75-A184-CB2184CB7FB2}H:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{5E6277AB-E1CD-4BF5-8981-4F7C4C6FDBAC}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{644B4C2B-CC64-46C8-8E52-6BE4270088AD}G:\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe" = protocol=6 | dir=in | app=g:\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe |
"TCP Query User{70241389-C527-4FC7-80B3-B2D887A9AD49}G:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.exe" = protocol=6 | dir=in | app=g:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.exe |
"TCP Query User{708D3927-E09E-43FD-94CB-9D182064CF2D}E:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=e:\world of warcraft\repair.exe |
"TCP Query User{751EDA18-4A96-4C62-B387-6275DF3C1EAD}G:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=g:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe |
"TCP Query User{7BFCD518-3594-4043-BEAA-3DDB5AA79698}E:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"TCP Query User{7D61AD0A-FCD5-4AFF-86BC-7778D58FD79A}G:\games\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks_closed_beta\worldoftanks.exe |
"TCP Query User{878895EC-E2F5-46F9-A45A-FB83381A9B93}H:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=h:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{89A9A155-1109-4A08-88F3-9902BD165F1C}E:\wtv\wtvclient.exe" = protocol=6 | dir=in | app=e:\wtv\wtvclient.exe |
"TCP Query User{91D26AD2-B356-41F0-AFD7-00DD9FAAF131}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"TCP Query User{92B92185-2D85-4FFF-8AD0-F32AEDC6D18D}C:\users\stigma\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\stigma\appdata\local\temp\gw2.exe |
"TCP Query User{97910213-B8F0-4921-9923-847E79B5B845}H:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=h:\program files (x86)\emule\emule.exe |
"TCP Query User{98C74E7E-A4B3-4ED4-8447-DABC3038965C}H:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=h:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{9A519D9A-4CB1-4718-9D7D-3A2C3ABE8FA5}H:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{A16DCC85-E490-460E-A6FE-F852FD286EEC}C:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{A57DBD02-E39D-4ED5-802A-D63B03D0622F}F:\d3\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=f:\d3\diablo iii beta\diablo iii.exe |
"TCP Query User{A6AA7B3A-2623-40A7-B4C4-1CDCF52DF56A}E:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe |
"TCP Query User{A8F3BAC0-0543-49CD-AE8E-1E18310A30E3}C:\programdata\battle.net\agent\agent.440\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"TCP Query User{AC7E499D-194E-49BB-9B49-5250253171B3}G:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=g:\program files (x86)\mirc\mirc.exe |
"TCP Query User{AFFA64A2-480B-4EE1-974A-8C70C1CFF3CA}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"TCP Query User{B194DC88-F083-4E29-B4F2-2A8FD3CD3EA6}H:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{B1DD6578-014F-4559-9A31-F85F9A592BD8}C:\users\stigma\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\stigma\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{BA2D39BD-CA9C-4D80-BA0A-DF5B7841A306}E:\programme\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=e:\programme\league of legends\lol.launcher.exe |
"TCP Query User{C0459F65-213A-48FB-A548-D39F7DB11130}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{C0A8D5C7-A3E0-4FDD-BF1C-355202138D80}F:\diablo-iii-8370-dede-installer-downloader.exe" = protocol=6 | dir=in | app=f:\diablo-iii-8370-dede-installer-downloader.exe |
"TCP Query User{CB6FA804-31F3-4C56-BDC5-8040D7214562}E:\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"TCP Query User{CCB9CBCF-53D2-4511-9DEB-793C16DAEEA8}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"TCP Query User{CCFE3AEF-D02D-4D69-9C97-F085971D0BE3}C:\programdata\battle.net\agent\agent.515\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"TCP Query User{D0574275-452D-4CAD-A1DE-0646C19FCF8D}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"TCP Query User{DD0C3838-7B99-42FC-A2C3-B18CCE129E6E}H:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=h:\program files (x86)\emule\emule.exe |
"TCP Query User{DD262AC4-EBDB-4B26-BD92-D18FE0F195B6}C:\program files (x86)\rayv\rayv\rayv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rayv\rayv\rayv.exe |
"TCP Query User{DF7EFF1F-D8F7-487A-AA35-3C6924A00931}H:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{E3EFC70F-DC9C-4533-B461-ACCA257AB674}G:\games\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks_closed_beta\wotlauncher.exe |
"TCP Query User{E8AA7017-2281-4FAE-966C-D5AEA70970CF}F:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=f:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{EC094528-5B95-4813-B29E-7DB2068CC4C4}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"TCP Query User{F2CD6CAD-7ED9-4660-A1E1-F721F82F7B5D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{F3B938BE-AFF6-4FB2-AA88-A2AD78418EF4}C:\users\stigma\desktop\loleudownloader.exe" = protocol=6 | dir=in | app=c:\users\stigma\desktop\loleudownloader.exe |
"TCP Query User{F6149C9A-AEFF-4037-823F-0F7BEAD7E058}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{02230820-0BCF-4FCA-BE5E-EE4FDDFB7816}F:\d3\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=f:\d3\diablo iii beta\diablo iii.exe |
"UDP Query User{07090008-95A7-4A3A-93E9-F58196A6DFCB}H:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{0E323CD9-4DE3-4561-9237-65E50875C9E8}C:\programdata\battle.net\agent\agent.440\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"UDP Query User{1017CF3B-D583-4BF2-9A52-84BA82F0DA87}H:\c&c\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe" = protocol=17 | dir=in | app=h:\c&c\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe |
"UDP Query User{1565EB44-8A1E-4F54-8D67-D2CB9286BEC0}E:\programme\emule\emule.exe" = protocol=17 | dir=in | app=e:\programme\emule\emule.exe |
"UDP Query User{1FE36A36-9868-4411-95FC-988A658CAB97}E:\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"UDP Query User{2055DFCE-BD04-4BEA-8B07-398C07DF4E64}C:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{21E6D7AE-C26E-42F9-8224-80B08BEE6288}G:\games\world_of_tanks_closed_beta\worldoftanks.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks_closed_beta\worldoftanks.exe |
"UDP Query User{282363E2-5FA5-4695-89D4-504E0F5DEE4E}F:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\blood bowl legendary edition\bb_le.exe |
"UDP Query User{2E0748A9-F082-4198-9D1E-A7E6EB92B7A6}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{3BA3F94E-A7BF-47E4-A35C-71924A39D808}H:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{426EAA46-8388-45A6-BE9C-E47CE1CDC046}F:\programme\capcom\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=f:\programme\capcom\resident evil 5\re5dx10.exe |
"UDP Query User{54140207-348B-4B92-A182-D447CB0684BE}H:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{5AE1C1E2-DBA8-4001-9F3D-E248C5B8021F}H:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{60228CF5-A983-4588-AF52-1524ECAF9A43}E:\wtv\wtvclient.exe" = protocol=17 | dir=in | app=e:\wtv\wtvclient.exe |
"UDP Query User{625783E7-CA03-4FD7-8B27-7F1426777D37}E:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"UDP Query User{65D5520A-39BF-444E-B3EF-B8CE636C12AC}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"UDP Query User{6A580AA2-45BB-4292-A3B1-F37564217EBA}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"UDP Query User{7007AD6D-5CE1-4608-A9AA-A4D940FC5744}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{7396E7C8-D22E-470A-88CB-0ACBDE829C47}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"UDP Query User{77688551-18D0-46C0-91C7-CF91D2E7708A}H:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{7E5B9F9E-BAEC-4B46-93BA-075C6F7159E4}C:\programdata\battle.net\agent\agent.515\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"UDP Query User{8B2FE074-A3CC-48F5-8CCF-C21439A87F3F}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{90ABC032-B384-4249-AF0B-71A3F2CF52BE}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"UDP Query User{94FE5F67-4D5C-4391-98E8-AB522AB2EF7C}H:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=h:\program files (x86)\emule\emule.exe |
"UDP Query User{96F2ABDC-1EA3-4D52-8AD8-806A27A3B1C6}E:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe |
"UDP Query User{97890264-94FD-44FC-8C02-3421ADD56524}F:\diablo-iii-8370-dede-installer-downloader.exe" = protocol=17 | dir=in | app=f:\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{9800F4B3-6960-4ECE-832C-0AAE93058793}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"UDP Query User{999E2316-8C54-4E3B-8DC0-D43B5D44F783}H:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=h:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{A176A9AB-DBCA-41DE-B50E-39038932B684}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{A1A4392E-C269-4B37-B608-9E3E4BA3E8B7}H:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=h:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{A4106E48-3E33-407F-8A4B-8B5C4BCD3335}F:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=f:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{A5213361-D86A-474F-B4FF-37D39F6BC6AC}C:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\stigma\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{A7DA51E4-2BC0-4A62-9988-D15F11A0EBA0}C:\users\stigma\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\stigma\appdata\local\temp\gw2.exe |
"UDP Query User{A818423B-72A0-477B-89DA-84D904BD8F1D}C:\programdata\battle.net\agent\agent.516\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"UDP Query User{A956863B-2108-4AC6-8121-6C6553666489}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"UDP Query User{B0EF59C8-8E65-4E76-B7AF-986AED58B5C3}H:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=h:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{B3933C84-7A51-4947-97E2-BE4E8AA357C6}G:\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe" = protocol=17 | dir=in | app=g:\command.and.conquer.4.tiberian.twilight.german-ginalisa\crack\cnc4server\cnc4server.exe |
"UDP Query User{B8EF2239-908B-4F0A-8B84-7F281056CBF6}E:\programme\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=e:\programme\league of legends\lol.launcher.exe |
"UDP Query User{BF253AF0-1E1C-4926-B496-5E8E3B19A0A2}C:\program files (x86)\rayv\rayv\rayv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rayv\rayv\rayv.exe |
"UDP Query User{C082FFE6-0711-4849-8A60-FD659CE1EDEC}E:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=e:\world of warcraft\repair.exe |
"UDP Query User{C6A8F1D1-4AEF-4EF7-ABFA-E63FC0FADED6}G:\games\world_of_tanks_closed_beta\wotlauncher.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks_closed_beta\wotlauncher.exe |
"UDP Query User{C82B6A29-4B87-4360-9419-B308D173C13A}E:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe |
"UDP Query User{C99B57CA-B45D-46F6-8DE0-797F7BDAAC6A}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{D97A4B3F-6714-43B1-A441-8B34D9C9E0E0}G:\wtv\wtvclient.exe" = protocol=17 | dir=in | app=g:\wtv\wtvclient.exe |
"UDP Query User{DB0EA836-99BC-4CA5-BBDE-CEA6AA48CE2C}G:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=g:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{DDB233C8-8F51-478E-81AA-718354C3D0B3}G:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=g:\program files (x86)\mirc\mirc.exe |
"UDP Query User{DF9D0A36-B583-480F-872D-3E27112A047B}C:\users\stigma\desktop\loleudownloader.exe" = protocol=17 | dir=in | app=c:\users\stigma\desktop\loleudownloader.exe |
"UDP Query User{E5A120CC-2FB4-469B-97D5-F669C04621E0}G:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.exe" = protocol=17 | dir=in | app=g:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.exe |
"UDP Query User{E69B1CE5-5747-4863-8624-52FD1DFCFF40}C:\users\stigma\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\stigma\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{F066B01A-B55F-4BA4-9394-2C3B10F01155}H:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=h:\program files (x86)\emule\emule.exe |
"UDP Query User{F153A1FC-397D-403B-B057-5FA22F1002C3}G:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=g:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe |
"UDP Query User{F931C458-2785-4253-B924-E6180C3AC677}H:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=h:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.17.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ESL Wire_is1" = ESL Wire 1.13
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DFD3F5C-DE64-442B-B3B7-37745D92AD6A}" = CNC4 Offline Patch
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{292F51DF-B284-448D-8157-742D34EFB6FF}_is1" = Gamma Control 2
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{58499C4F-DA08-4CD7-B21F-B12F53E394E0}" = TQVault
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB7}" = Corsair USB Headset
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86EC2998-07D5-4CD5-8992-1F3B5CE43BFA}" = K8100
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C46B05A-7D31-46B5-8B44-81B6B51E8A73}" = TQ Defiler.NET
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}" = Darkspore™
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B54867D3-6C6F-85CD-F73D-1D2186E49045}" = JamLegend
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.jamlegend.JamBox" = JamLegend
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"eMule" = eMule
"Everest Poker.net" = Everest Poker.net (Remove Only)
"Free Download Manager_is1" = Free Download Manager 2.5
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"GomTV Launcher Plugin" = GOMTV Plug-in
"GomTVStreamer" = GOMTV Streamer
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"Guild Wars 2" = Guild Wars 2
"IrfanView" = IrfanView (remove only)
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mIRC" = mIRC
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NSS" = Norton Security Scan
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"Runic Games Torchlight" = Torchlight
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 15170" = Heroes of Might and Magic V
"Steam App 15370" = Heroes of Might and Magic V: Tribes of the East
"Steam App 15380" = Heroes of Might and Magic V: Hammers of Fate
"Steam App 17450" = Dragon Age: Origins
"Steam App 209100" = Resident Evil™: Operation Raccoon City
"Steam App 38420" = Fallout Tactics
"Steam App 4550" = Titan Quest: Immortal Throne
"Steam App 47730" = Dragon Age: Origins - Awakening
"Steam App 49400" = Magic: The Gathering - Duels of the Planeswalkers
"Steam App 50620" = Darksiders
"Steam App 57740" = Jagged Alliance - Back in Action
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 8980" = Borderlands
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Titan Quest_is1" = Titan Quest
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"Warhammer Online: Age of Reckoning" = Warhammer Online: Age of Reckoning
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xvid_is1" = Xvid 1.2.1 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"mIRC" = mIRC
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.02.2012 22:08:50 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:08:51 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:19 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:19 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:33 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:33 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:34 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:13:35 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:15:18 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 14.02.2012 22:15:18 | Computer Name = stigma-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ System Events ]
Error - 12.09.2012 13:22:15 | Computer Name = stigma-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 12.09.2012 13:22:15 | Computer Name = stigma-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 12.09.2012 13:27:26 | Computer Name = stigma-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 12.09.2012 13:28:00 | Computer Name = stigma-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 12.09.2012 um 19:26:15 unerwartet heruntergefahren.
Error - 12.09.2012 13:28:16 | Computer Name = stigma-PC | Source = DCOM | ID = 10005
Description =
Error - 12.09.2012 13:28:26 | Computer Name = stigma-PC | Source = DCOM | ID = 10005
Description =
Error - 12.09.2012 13:28:44 | Computer Name = stigma-PC | Source = DCOM | ID = 10005
Description =
Error - 12.09.2012 13:28:45 | Computer Name = stigma-PC | Source = DCOM | ID = 10005
Description =
Error - 12.09.2012 13:28:49 | Computer Name = stigma-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 12.09.2012 13:28:49 | Computer Name = stigma-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
--- --- ---
OTL.TXTOTL Logfile: Code:
OTL logfile created on: 12.09.2012 20:15:36 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\stigma\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,33 Gb Available Physical Memory | 83,32% Memory free
8,17 Gb Paging File | 7,65 Gb Available in Paging File | 93,69% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 3,65 Gb Free Space | 7,48% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 30,66 Gb Free Space | 62,80% Space Free | Partition Type: NTFS
Drive E: | 123,05 Gb Total Space | 26,48 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive F: | 126,20 Gb Total Space | 32,77 Gb Free Space | 25,96% Space Free | Partition Type: NTFS
Drive G: | 120,11 Gb Total Space | 27,80 Gb Free Space | 23,14% Space Free | Partition Type: NTFS
Drive H: | 129,15 Gb Total Space | 65,59 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
Computer Name: STIGMA-PC | User Name: stigma | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.12 20:11:49 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\stigma\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2008.01.21 04:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.11 13:17:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.08.15 02:22:10 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.07 22:20:38 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.03 16:41:12 | 000,168,864 | ---- | M] () [Auto | Stopped] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2012.06.29 05:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.06.29 06:18:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.01 16:04:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.13 21:19:30 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- f:\Programme\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.04.11 18:24:52 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.03 16:41:04 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2012.05.21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.29 06:18:58 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.29 06:18:57 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.06.16 16:10:08 | 001,308,160 | -H-- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAHS164.sys -- (CorsairCAHS1)
DRV:64bit: - [2010.12.08 12:53:38 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2010.06.29 15:20:39 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.06.29 15:20:38 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.05.15 19:33:25 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.09.02 12:09:34 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.06.17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.01.26 17:30:03 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = go.web.de/homehxxp://go.microsoft [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.web.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 57 09 31 F7 90 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gomtv.com/gomtvx-plugin: C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll ((주) 그래텍)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\stigma\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.23 19:48:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: g:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 05:35:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: g:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: G:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 05:35:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: G:\Program Files (x86)\Mozilla Firefox\plugins
[2012.03.08 23:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stigma\AppData\Roaming\mozilla\Extensions
[2012.05.02 19:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stigma\AppData\Roaming\mozilla\Firefox\Profiles\2pn913tu.default\extensions
[2012.03.08 22:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.18 14:54:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\stigma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
O1 HOSTS File: ([2012.07.08 16:57:51 | 000,001,038 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 gosredirector.ea.com
O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org
O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 demangler.ea.com
O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - g:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [CAHS1Sound] C:\Windows\Syswow64\CAHS1.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [WinampAgent] g:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\stigma\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] g:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] G:\Programme\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - g:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - h:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - h:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {BBFD2D10-EC6E-4259-91D1-1E38C826E5E2} hxxp://app.gomtv.com/gomtv/gomtvx.cab (Launcher Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} hxxp://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{528621B6-ED19-4714-A310-4BA1D7859E91}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\stigma\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\stigma\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.09 06:38:22 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3753a2ca-6048-11df-b490-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3753a2ca-6048-11df-b490-806e6f6e6963}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{443c89f0-6f62-11df-babd-001d7de5a286}\Shell - "" = AutoRun
O33 - MountPoints2\{443c89f0-6f62-11df-babd-001d7de5a286}\Shell\AutoRun\command - "" = J:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ==========
[2012.09.12 20:11:47 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\stigma\Desktop\OTL.exe
[2012.09.01 03:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.08.23 11:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.08.23 11:18:59 | 000,000,000 | ---D | C] -- C:\Users\stigma\Documents\Guild Wars 2
[2012.08.22 11:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.12 20:11:49 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\stigma\Desktop\OTL.exe
[2012.09.12 19:32:22 | 001,586,922 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.12 19:32:22 | 000,680,576 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.12 19:32:22 | 000,640,016 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.12 19:32:22 | 000,148,472 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.12 19:32:22 | 000,121,900 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.12 19:27:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.12 19:26:17 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.12 19:25:26 | 000,024,064 | ---- | M] (Gerhard Schlager) -- C:\Windows\SysWow64\ctfmon.exe
[2012.09.12 19:24:41 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 19:24:41 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 18:09:17 | 000,002,032 | ---- | M] () -- C:\Users\stigma\AppData\Local\d3d9caps.dat
[2012.09.12 16:59:13 | 000,001,738 | ---- | M] () -- C:\Users\stigma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.09.12 16:39:12 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for stigma.job
[2012.09.12 16:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.12 14:01:05 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E0C5D0D7-2091-4ACB-A618-D4D97D394CC7}.job
[2012.09.01 03:13:17 | 000,000,635 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.08.23 11:19:56 | 000,000,593 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.21 14:45:36 | 023,548,148 | ---- | M] () -- C:\Users\stigma\Desktop\me gusta.zip
[2012.08.16 06:57:38 | 000,231,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.12 16:59:13 | 000,001,738 | ---- | C] () -- C:\Users\stigma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.09.12 16:59:10 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.01 03:13:17 | 000,000,635 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.08.23 11:19:56 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.21 14:45:23 | 023,548,148 | ---- | C] () -- C:\Users\stigma\Desktop\me gusta.zip
[2012.07.07 22:07:53 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.07 22:07:48 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.07 22:07:47 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.02.21 20:31:26 | 000,143,360 | ---- | C] () -- C:\Windows\VmixHS1.dll
[2012.02.21 20:31:22 | 000,013,521 | ---- | C] () -- C:\Windows\CAHS1.ini.cfl
[2012.02.21 20:30:35 | 000,002,029 | ---- | C] () -- C:\Windows\CAHS1.ini.cfg
[2012.02.21 20:30:35 | 000,000,643 | ---- | C] () -- C:\Windows\CAHS1.ini.imi
[2012.02.21 20:30:34 | 000,000,638 | ---- | C] () -- C:\Windows\CAHS1.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.06 06:12:49 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2010.12.19 10:57:25 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.19 10:57:24 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.11.12 18:37:15 | 000,072,764 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.11.03 11:49:38 | 000,002,032 | ---- | C] () -- C:\Users\stigma\AppData\Local\d3d9caps.dat
[2010.10.29 02:11:35 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\psfind.dll
[2010.10.18 14:54:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.24 18:19:06 | 000,027,136 | ---- | C] () -- C:\Users\stigma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.04 14:53:54 | 000,000,094 | ---- | C] () -- C:\Users\stigma\AppData\Local\fusioncache.dat
[2010.01.26 15:48:41 | 000,001,460 | ---- | C] () -- C:\Users\stigma\AppData\Local\d3d9caps64.dat
========== LOP Check ==========
[2012.08.24 14:46:14 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\.purple
[2010.01.29 12:38:45 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Avanquest
[2011.04.24 23:36:43 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\com.jamlegend.JamBox
[2012.07.08 15:46:05 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Command and Conquer 4
[2012.02.21 20:34:57 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Corsair
[2010.06.07 10:52:57 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\DAEMON Tools Lite
[2010.05.15 19:37:32 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\DAEMON Tools Pro
[2010.03.30 18:28:09 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Electronic Arts
[2012.03.08 23:01:38 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Free Download Manager
[2010.04.04 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\GetRightToGo
[2012.02.14 16:53:22 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\gtk-2.0
[2010.04.30 22:05:53 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\IrfanView
[2010.06.11 16:44:10 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\LolClient
[2010.02.27 15:17:30 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2012.05.31 19:31:15 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\LolClient2
[2011.02.27 21:58:46 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Miranda
[2011.08.12 14:00:26 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\MusicNet
[2012.07.15 23:01:58 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Need for Speed World
[2010.04.24 16:40:33 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Octoshape
[2011.09.30 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Origin
[2010.12.25 01:56:21 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\PPLive
[2012.03.20 19:12:55 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Quhedy
[2010.10.06 11:46:48 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\RayV
[2012.03.30 20:12:08 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Ric
[2011.03.26 19:37:19 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\RIFT
[2010.07.18 23:17:42 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\runic games
[2012.04.02 18:34:28 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\TeamViewer
[2010.03.24 23:50:00 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\The Creative Assembly
[2012.07.29 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\TS3Client
[2010.04.04 14:59:09 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\Turbine
[2011.03.10 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\stigma\AppData\Roaming\wargaming.net
[2012.09.12 17:34:53 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.12 14:01:05 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E0C5D0D7-2091-4ACB-A618-D4D97D394CC7}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.01.26 15:49:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.01.27 21:03:01 | 000,000,000 | ---D | M] -- C:\ATI
[2010.01.26 15:45:27 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.03.09 17:23:40 | 000,000,000 | ---D | M] -- C:\Downloads
[2012.05.14 15:34:18 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2008.01.21 05:03:26 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.21 20:31:22 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.07.19 20:54:28 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.09.12 16:59:10 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.01.26 15:45:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.09.12 18:07:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.05.14 15:38:14 | 000,000,000 | R--D | M] -- C:\Users
[2012.08.29 00:12:17 | 000,000,000 | ---D | M] -- C:\Windows
[2011.02.26 11:54:37 | 000,000,000 | -H-D | M] -- C:\_Backup
[2010.01.28 17:36:43 | 000,000,000 | RHSD | M] -- C:\_Backup.RC
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 18:24:37 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2008.01.21 04:45:58 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.21 04:45:58 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:45:58 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 04:45:58 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 18:23:06 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 18:23:06 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2009.04.11 18:23:48 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 18:23:48 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2009.04.11 18:24:09 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 18:24:09 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.21 04:46:07 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008.01.21 04:46:07 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 18:23:45 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 18:23:45 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 18:24:53 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 18:24:53 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2008.01.21 04:46:02 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.21 04:46:02 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.04.11 18:24:35 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 18:24:35 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 18:24:20 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 18:24:20 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 18:24:05 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
[2009.04.11 18:24:05 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2009.04.11 18:23:45 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\SysNative\user32.dll
[2009.04.11 18:23:45 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:49:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:49:40 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:48:49 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 04:48:49 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 18:24:19 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 18:24:19 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2009.04.11 18:24:38 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 18:24:38 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:48:44 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.21 04:48:44 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2012.09.12 20:14:21 | 002,883,584 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT
[2012.09.12 20:14:21 | 000,262,144 | -H-- | M] () -- C:\Users\stigma\ntuser.dat.LOG1
[2010.01.26 15:48:40 | 000,000,000 | -H-- | M] () -- C:\Users\stigma\ntuser.dat.LOG2
[2012.08.26 18:41:03 | 001,048,576 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13e-426d-11e0-9ff8-00ff01000001}.TxR.0.regtrans-ms
[2012.08.26 18:41:03 | 001,048,576 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13e-426d-11e0-9ff8-00ff01000001}.TxR.1.regtrans-ms
[2012.08.26 18:41:03 | 001,048,576 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13e-426d-11e0-9ff8-00ff01000001}.TxR.2.regtrans-ms
[2012.08.26 18:41:03 | 000,065,536 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13e-426d-11e0-9ff8-00ff01000001}.TxR.blf
[2012.09.12 19:18:11 | 000,065,536 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13f-426d-11e0-9ff8-00ff01000001}.TM.blf
[2012.09.12 19:18:11 | 000,524,288 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13f-426d-11e0-9ff8-00ff01000001}.TMContainer00000000000000000001.regtrans-ms
[2011.02.27 23:35:09 | 000,524,288 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{03f2e13f-426d-11e0-9ff8-00ff01000001}.TMContainer00000000000000000002.regtrans-ms
[2011.02.27 03:25:25 | 000,065,536 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
[2011.02.27 03:25:25 | 000,524,288 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
[2010.01.26 15:50:08 | 000,524,288 | -HS- | M] () -- C:\Users\stigma\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000002.regtrans-ms
[2010.01.26 15:48:40 | 000,000,020 | -HS- | M] () -- C:\Users\stigma\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
--- --- --- |
