Jump to content

Recommended Posts

My computer got infected by ms removal tool this afternoon I've tried running mbam a couple times but it hasn't been able to so anything to it. So far its preventing me from running most .exe files in my admin account, it's either removed or hidden all the restore points on my hard drive so no system restore and every time I try and boot in safe mode it redirects me to the normal start up. heres's the latest mbam log, I deleted the malware it found and restarted but ms is still there. I don't have a recent hijack this log as I've had trouble running it as admin. any help would be deeply apretiated.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6299

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

4/10/2011 12:36:26 AM

mbam-log-2011-04-10 (00-36-26).txt

Scan type: Quick scan

Objects scanned: 160205

Time elapsed: 9 minute(s), 30 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Hello and :welcome:

Note: If using Firefox right-click on any download links and choose Save As

Please download OTH to your desktop

Please download OTL to your desktop

Double click the OTH file to run it and click Kill All Processes, your desktop will go blank.

OTH_Main.gif

Then select Start OTL. OTL will now run

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

    [*]Click the Internet Explorer button, post these logs in your Virus Removal topic.

Link to post
Share on other sites

Please try to run this instead.

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

Link to post
Share on other sites

new problem, the ms removal thing did not come up when I logged into the admin but towards the end of the scan combofix was running (stage 48) it froze and now I can't access the internet on that computer. I checked the rest of my computers to see if it was a problem with my connection but its isolated to that computer.

Link to post
Share on other sites

Hey, sorry this took a while to get up I had class today.

OTL Extras logfile created on: 4/11/2011 8:29:54 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\user\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free

6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 454.81 Gb Total Space | 44.85 Gb Free Space | 9.86% Space Free | Partition Type: NTFS

Drive D: | 10.95 Gb Total Space | 5.19 Gb Free Space | 47.37% Space Free | Partition Type: NTFS

Drive E: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{01F1E980-9C95-44E0-8B1B-068DF2406CE5}" = lport=137 | protocol=17 | dir=in | app=system |

"{044691A7-D8FD-4205-BC5E-C6A615DC645B}" = lport=139 | protocol=6 | dir=in | app=system |

"{52B9A1A3-674E-474E-97E9-F0FADDC143DD}" = rport=139 | protocol=6 | dir=out | app=system |

"{569CD084-85C1-440B-9D35-2A4E5A1F1A50}" = rport=445 | protocol=6 | dir=out | app=system |

"{56F877BD-FD74-48EC-858E-D3765634BE0E}" = lport=138 | protocol=17 | dir=in | app=system |

"{75977648-2650-4240-AF21-7F858C59909E}" = lport=65066 | protocol=17 | dir=in | name=charbuilderfull |

"{7D5A120D-50C8-4E04-A346-5C03EAA8F894}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |

"{9850AC9E-7EF2-40FD-A103-627FD3059DE7}" = rport=138 | protocol=17 | dir=out | app=system |

"{A04F63DC-7C12-45DF-92AB-E0E543122748}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{D3691069-ABA9-4762-BD38-9B021494C514}" = rport=137 | protocol=17 | dir=out | app=system |

"{D67453A1-75C8-4126-8622-C4FB5248119D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{F4907D4E-8794-4D71-8375-7C26C3F3C699}" = lport=445 | protocol=6 | dir=in | app=system |

"{FA93BDCA-D336-40A8-96A5-DBA9FB3291C0}" = lport=7001 | protocol=17 | dir=in | name=afs cachemanager callback (udp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00C2FD9C-B9BB-4C9F-81B2-6F9E91D94B34}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\blizzard installer bootstrap - 02c1ffa0\installer.exe |

"{05552F29-A122-4690-BF09-EB4F48173ECC}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |

"{055F35A9-E52A-4675-92D5-41319A001D32}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |

"{08F079D6-3D83-41B3-8F42-CE030B4B7B47}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |

"{08FBFCBF-AFA6-4F08-A177-8777B7087DEE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{09073C70-C144-4AB8-81C7-488118A3909B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe |

"{09566F4F-BADD-4644-AC71-48D312CF0333}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |

"{0C3F0C89-3438-4D22-98B7-0947B7CC39BA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |

"{0C9440A7-C614-4DDA-9FE4-32BD7593C0D0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |

"{0CB36330-7E5E-439A-8156-C93159C3F8DF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sherlock holmes 3 demo\demo.exe |

"{0DB01D77-1FD9-4A12-B791-63221EE09CDF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\ultimate doom\ultimate.bat |

"{10CFDCA6-38F1-4E6A-8920-BD9C1D889FC3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |

"{11B6A9DF-EB5C-4BB6-97BA-B7E7DF979422}" = protocol=17 | dir=in | app=c:\program files\ea games\the battle for middle-earth \game.dat |

"{1642E67D-2E83-495E-AD98-B418401BDD40}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |

"{1793D197-78B2-4021-99D9-62428BAC9AFF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\final doom\plutonia.bat |

"{192EDE0A-156A-4295-B080-83D55F7A7E35}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london demo\launcher.exe |

"{19AE2B1F-30D1-4B17-944B-49906E2865F3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mount and blade\runme.exe |

"{1AE67880-195D-4D74-AE2E-7C4A89CE661E}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |

"{1B3274F3-855D-4598-A6B2-6E6F387097C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\ultimate doom\ultimate + mouse.bat |

"{1D98DB67-62B9-4008-8475-7D690428D233}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\hexen\hexen.bat |

"{1EF2C473-0E36-4221-9711-87C4D7C05F36}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\defense grid demo\defensegriddemo.exe |

"{1F010204-A2F3-47E5-BF7C-0CE96AFAA98C}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe |

"{2569F57B-770B-457E-8258-9BEE3DA2605B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |

"{2723319A-6D49-41B1-9A22-A721867F92D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{27508A78-BCC3-48DC-99FC-A8A0385BD54D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cogs\cogs.exe |

"{27CF0B5F-FC77-4183-961C-9FE67CA23A4D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\quake\glquake.exe |

"{29234C64-262B-4729-A4EE-B803932E1242}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |

"{2971F249-2C49-4098-948D-04606B35DEAE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |

"{2CA4D6BC-BE17-417A-8ECC-DEEE1FA8C4E5}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ii\game.dat |

"{2DB53D2A-5D4D-4781-A1A1-2AD125130969}" = protocol=6 | dir=in | app=c:\games\mass effect\binaries\masseffect.exe |

"{2ECDF74A-005E-4F98-8DA4-F7B34C1A33F2}" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo 2\halo2.exe |

"{2F3694DE-5B1F-4327-A6F9-490C779CA4D0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\saints row 2\sr2_pc.exe |

"{2F6FCD55-5168-4ED9-B48A-86998B0365B7}" = protocol=17 | dir=in | app=c:\games\mass effect\binaries\masseffect.exe |

"{3034E9D4-618F-49AF-AD3E-2DDACF82A834}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cogs\cogs.exe |

"{3069EAF7-BBE0-47B9-B7DA-35E646B956F0}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |

"{321FE920-3084-40E6-9DFA-E6C8415ECF65}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war ii - spd\dow2.exe |

"{352010E6-4E3A-4B22-B4D0-D71104D2308D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\quake\winquake.exe |

"{355E9974-DAB5-4D97-906E-32D9BF17DC39}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{35C931F2-DF2D-4B5E-8B61-63B66CBC5582}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\quake\glquake.exe |

"{35E09E6D-9F08-4990-A84E-332CABF75308}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{3687BF2D-5EF8-4F2B-8392-30C55A687CDB}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |

"{37E42CA8-9C45-4E6A-AB24-2E51A2BA283B}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |

"{38538F16-694B-482F-91C6-17A8D920501A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\quake\glqwcl.exe |

"{3DD6A0EE-E150-45A8-991D-B2A6C098342D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\monday night combat\binaries\win32\mnc.exe |

"{3DF46816-13B4-4250-BAC0-CD64CE8BF592}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent\launcher.exe |

"{3E76EE9F-D273-45AD-80D3-FCFB55DFC93A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\quake\qwcl.exe |

"{3F1015EF-5DAD-40D8-8C53-1B1254F29C6E}" = protocol=6 | dir=in | app=c:\program files\ea games\the battle for middle-earth \game.dat |

"{40D2442C-2F23-438A-8F0B-6834268DDCE7}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\blizzard installer bootstrap - 02c1ffa0\installer.exe |

"{411CB150-39B2-4CFF-9D3F-26BF39B63EDD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\doom 3\doom3.exe |

"{42976949-E2DF-4112-8B9C-2AD229DB3BC8}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |

"{46796F52-E2CE-41B3-B319-6E8CB8DBF7CC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\doom 2\doom2.bat |

"{48DB1A34-1480-45E6-9A9B-4A29FC8DBE20}" = protocol=6 | dir=in | app=c:\program files\microsoft games\viva pinata\viva pinata.exe |

"{4BF91E27-80A4-460B-89DF-E5A6E25183D2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\quake 3 arena demo\quake3.exe |

"{4D29B9E1-8A0F-40EA-8D86-554E32C8B19F}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{4D41AEC5-1B23-4DB0-B00D-C2FC280F9E19}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\tempelevator.exe |

"{4F1633DD-AB21-4495-8BFA-43CDF1295251}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\final doom\tnt + mouse.bat |

"{508DCF3A-ECE8-450B-9B96-3541850C271A}" = protocol=6 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |

"{5407B85F-BD60-448C-B877-9B846A73A32F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\final doom\tnt + mouse.bat |

"{55213BB7-CE61-4C75-9D9D-478629EAEF5E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\enemy territory quake wars demo 2\etqw.exe |

"{553218E6-545D-4DD3-B183-91069D92B1FF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\saints row 2\sr2_pc.exe |

"{5716DEFF-3904-4127-97DA-20CC9CC10DB6}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |

"{5800EE8A-433B-41DF-87EA-DEDC30A85098}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |

"{5AEC746F-C3F9-4702-890F-4544E58DAF42}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\ultimate doom\ultimate.bat |

"{5B80228E-17F5-4860-AA21-AA473EB94E4C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\star ruler - demo\starruler.exe |

"{5B92A415-9EC4-4000-96F3-FD9ABD3B241C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dead space\dead space.exe |

"{5DE1212F-4269-49D9-8DD7-61F5DABFCF4A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |

"{622FF412-B62B-4F0F-866E-E6B66D0DD84A}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{62FDA42C-AFF4-4C5A-ADF5-45767B0696C9}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london demo\launcher.exe |

"{63D27722-4F77-4183-835F-996EC920E020}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dead space\dead space.exe |

"{67C2984C-ABB2-4C90-9A50-104E0A19C9C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe |

"{6A733C18-75BC-47EE-A66C-1DDF57133938}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\quake 3 arena demo\quake3.exe |

"{6B0230F2-7B41-4DB7-8079-22C76F28FA8A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |

"{6CC17083-6792-4C3A-BB3E-43B234B32D14}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sherlock holmes 3 demo\demo.exe |

"{6CD2C6F3-2DB9-4BA1-BCF0-3252E1CB64C0}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |

"{6E3C719C-7E78-46BB-9217-F09DDBA20A97}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander - forged alliance demo\bin\forgedalliance.exe |

"{70395F1F-D62F-4F64-8453-1540ADECD574}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |

"{7053AF50-ECFB-4841-8D2D-30BB0F676CF1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |

"{707FEB67-C5C1-4DC3-8F2E-E18E1D4A0730}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent\launcher.exe |

"{71F74142-FF98-47C2-8C1C-45C0060DFEC4}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |

"{7201E477-BFE0-4C80-90FA-F65509C495AD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{72E0F725-33C4-4D9A-ACED-4D5FF81EDB1B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\final doom\plutonia + mouse.bat |

"{7323C712-0825-489B-A84F-20D73BBB45B4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\peggle deluxe\peggle.exe |

"{74A26EE7-4412-4058-A208-A1E0B13FFFF8}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |

"{759BD54A-3B5D-4478-97A9-3ECF48A7614A}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |

"{76B06AFA-CC7A-475A-8F9A-78A2824A1DBA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\heretic shadow of the serpent riders\heretic.bat |

"{76D213AB-7D7C-42AE-85F8-5705287BDCE4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |

"{76D36E8D-3560-49D9-A3BB-1940E7878E24}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |

"{77039802-00B1-4655-AB98-56CE1BC1810C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\monday night combat\binaries\win32\mnc.exe |

"{79E1E5E8-14FC-48A6-AFDC-333AC2389BA6}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |

"{79FE0DF2-3360-4B8D-8D16-79EF8D0F7971}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\iron grip warlord\igwarlord.exe |

"{7A5A7F15-7C95-4F71-A504-1E0894EE7783}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |

"{7B118B2E-13D8-412E-BCBA-3A3ADB895C53}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\peggle deluxe\peggle.exe |

"{7B7C0863-95D1-4180-B10F-0D008B55DD3E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\doom 2\doom2 + mouse.bat |

"{7B9D01CD-0907-465D-8B88-4AFEF44E47B5}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |

"{7DEA18D5-01F6-420A-88C0-C132B086A4A5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe |

"{80938907-2ADE-4E1C-BDBE-42A470B4B9D2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\enemy territory quake wars demo 2\etqw.exe |

"{8192F9CF-F672-4EB4-8BA6-C57E09603478}" = protocol=6 | dir=in | app=c:\program files\paradox interactive\majesty 2 (demo)\majesty2-demo.exe |

"{820F9810-A337-4FFC-BACF-7EDABB4AD252}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |

"{845772C9-FB34-4725-B2B2-82256E601D8C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the ball demo\binaries\win32\theball.exe |

"{84F4D06B-98DA-40F4-93E9-92620FC87BFE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crayon physics deluxe demo\launcher.exe |

"{85160A5E-31B4-4038-BB4B-4D793444F346}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war ii - spd\dow2.exe |

"{8551FEB6-4D27-4C5D-934E-5BB82092429E}" = protocol=6 | dir=in | app=c:\games\mass effect\masseffectlauncher.exe |

"{87208A0D-A8A9-4790-87CB-40A97A6E45FC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\just cause 2 demo\justcause2.exe |

"{877A5796-1B97-424A-88D9-A09E8D15B8DE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe |

"{8881C063-DBDD-4DB4-A8B7-273281EDE9A4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\final doom\plutonia + mouse.bat |

"{89C40DB6-E012-4D96-938B-5D0FBD2F42D0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |

"{89FE3DF0-D4E5-45D3-89B7-7E26B9B862D0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |

"{8A7C49ED-EF7D-4138-857C-4842B600691D}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |

"{8B5C1566-4AFB-4CFB-84EF-7EB9905F8D89}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |

"{8DB4553C-698B-4456-B6F9-A198AC7D0E6F}" = protocol=17 | dir=in | app=c:\program files\stardock games\demigod\bin\demigod.exe |

"{8EEA346C-B9ED-4D80-8B4E-DAA0CD79387E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |

"{90735BBC-F2ED-4659-93F3-42A865F42858}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\quake\glqwcl.exe |

"{9579F620-FCE6-4566-97D8-6AD9301F51E4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\hexen 2\glh2.exe |

"{9A31ED43-3888-492B-9D23-391110263CD8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the ball demo\binaries\win32\theball.exe |

"{9B168360-BC2C-4B96-BCEE-6F8C3A424C44}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\star ruler - demo\starruler.exe |

"{9BB0C102-B2CB-4E1D-A51E-B5FCA7037084}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth ii\game.dat |

"{9EEE13D4-A6FB-4BB5-BD4B-D43123104629}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |

"{A2FE35D2-E801-4A03-AD7A-2D67F2696C53}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |

"{A4E693F3-81C7-49C9-A701-C3FCBC6AE7BD}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |

"{A84E1269-2E6B-423A-9575-F94B83E1067F}" = protocol=17 | dir=in | app=c:\program files\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |

"{AC406FAE-4EA1-4418-B0B2-5E018737FA43}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |

"{AD86024F-29DC-4C76-ADA1-E50AD447B045}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{AE5A9975-E723-46FB-84F5-6B3D6C7E396A}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |

"{B1AD15DF-79EE-4D2B-B6D1-CA607D0D32E6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |

"{B6021E38-44F3-4BC7-96D3-B54CA62D8E21}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\heretic shadow of the serpent riders\heretic.bat |

"{B8FF5ACC-781A-4E8C-AB93-51C632F9FF2E}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\tempelevator.exe |

"{B98784B5-281C-497D-BF16-8D197411E21F}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |

"{BAA965BE-A811-483D-9BFF-C52C28C02FFF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\just cause 2 demo\justcause2.exe |

"{BFB31F24-DF31-44FB-9B1D-C0D2D6A14EC6}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |

"{C531F055-0740-4F35-946F-F944A544323A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\iron grip warlord\igwarlord.exe |

"{C5F82796-E889-47BF-9E60-E9E28BEE4FD2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |

"{C9739DCB-B3AB-4240-B245-C16233ED884C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\quake\winquake.exe |

"{CA7F80FE-6454-43B4-9DC0-F88EE6189FB2}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |

"{CBDEA0A1-4144-4C92-98EA-2C1D51A5C90C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |

"{CCD4FC51-9849-4FE3-896F-398FF899EF72}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\hexen 2\glh2.exe |

"{CF7F850F-5509-464F-BE04-1A5E3905A1E7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\final doom\tnt.bat |

"{CFF64F11-DAD0-40DD-A78A-5CD439A401F5}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe |

"{D0D1B5FD-AC00-42D2-867B-7A2AE9AB33C7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |

"{D5B735DF-989D-422E-BB94-450969C66D19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{D7EE8A0A-A148-4EE9-9DF2-9CB72BED1952}" = protocol=17 | dir=in | app=c:\program files\paradox interactive\majesty 2 (demo)\majesty2-demo.exe |

"{D86871BB-8887-49D2-B346-EB7947F82958}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |

"{DA113DE0-0980-4DEF-89BD-DA280B937B79}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |

"{DA9134F4-7CE7-451E-A08D-2B8F2947D714}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\doom 3\doom3.exe |

"{DA94ED4A-442A-40C3-B08A-43FA6A19415B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\final doom\plutonia.bat |

"{DA99F4CD-A011-4265-94B4-00A0879C754D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\ultimate doom\ultimate + mouse.bat |

"{E1AD2605-E878-468C-81D1-6A37BF7DF4CD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{E1AF3A02-5CDB-4D88-8E1E-1967F319ACBF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\doom 2\doom2 + mouse.bat |

"{E1F243A2-2351-47A7-937D-4DCB7A6467D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |

"{E2C9AC87-D37C-42AA-9E48-2DBC358FA118}" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo 2\halo2.exe |

"{E3521D47-E774-4889-84CA-F5A5A9006DCC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{E57BBF26-DFE4-465D-AAD2-D081BB074D4C}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander - forged alliance demo\bin\forgedalliance.exe |

"{E6BF5A93-3EC8-41D9-B999-5578862DA108}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crayon physics deluxe demo\launcher.exe |

"{E7917240-B604-4E3D-8962-EB792EBD8F8E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mount and blade\runme.exe |

"{E96DDF65-4EDE-4FD0-B190-BAFDB18807AD}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |

"{EBB82198-4767-4C65-BFD7-B2489ACD2F6C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\quake\qwcl.exe |

"{EBE93DF4-C974-49F5-B4D7-6792101ECCEC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\final doom\tnt.bat |

"{ED78C617-BE3A-4D40-AE47-E8E02514701D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\hexen\hexen.bat |

"{F29D459A-6645-4FD8-871D-AFCFBFB14D85}" = protocol=6 | dir=in | app=c:\program files\stardock games\demigod\bin\demigod.exe |

"{F2CEFAD8-69EA-4465-A92E-6DA39480E08C}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |

"{F6CC53AA-5270-4999-91CC-AB8F38169A75}" = protocol=17 | dir=in | app=c:\games\mass effect\masseffectlauncher.exe |

"{F754BA72-C5C8-4143-B1B7-3B1C915D9DEF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\defense grid demo\defensegriddemo.exe |

"{F85BBF58-5078-4021-90C3-2228B6838FF9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{FAC392E5-B0E8-4D08-AAB7-EDC494A8AF75}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |

"{FB310E56-6AAB-48E9-BB66-8042139EF272}" = protocol=17 | dir=in | app=c:\program files\microsoft games\viva pinata\viva pinata.exe |

"{FCF37271-B2BD-4F0C-924A-FA18403986CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{FE7D4A4E-F62A-4ABD-B6E8-829CB104B6A7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\doom 2\doom2.bat |

"{FE96288A-D045-4FDF-AF43-4B1F827200A5}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |

"TCP Query User{0026220A-5C35-4BA5-9E93-3EB6C62DD7F5}C:\users\user\documents\diablo3-gameplaytrailer_en-us-downloader.exe" = protocol=6 | dir=in | app=c:\users\user\documents\diablo3-gameplaytrailer_en-us-downloader.exe |

"TCP Query User{02B5967A-6624-4418-9454-706504EEDE5C}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |

"TCP Query User{0BD7CBA2-CC4D-4354-B0C7-8C03F73FF3BB}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\wzf6hzb8\1280_starcraft2gameplayvideo_englishus2-avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\wzf6hzb8\1280_starcraft2gameplayvideo_englishus2-avi-downloader[1].exe |

"TCP Query User{0E94E474-2808-4002-8371-6AB7C64A02B3}C:\program files\starcraft ii beta\versions\base16094\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base16094\sc2.exe |

"TCP Query User{16D836EA-9670-443E-B652-FAF5CD5F39BD}C:\program files\starcraft ii beta\versions\base15580\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15580\sc2.exe |

"TCP Query User{21E4318F-5A5E-48F2-BF97-4E6CC1EE769F}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\tqxgcmij\download[1].exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\tqxgcmij\download[1].exe |

"TCP Query User{243C3B64-02A9-4AC0-A15B-74AB1E7103AD}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"TCP Query User{271CEF11-FC3C-4404-9BF5-39F8969179AA}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |

"TCP Query User{31C26009-BE9F-45B6-BCCE-B3F263E994B0}C:\program files\starcraft ii beta\versions\base16036\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base16036\sc2.exe |

"TCP Query User{3325B934-3CA4-4143-9D2B-E2E822DE2E3D}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |

"TCP Query User{3BE11634-C766-47CE-80E0-2C06D763DFFD}C:\program files\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war\w40k.exe |

"TCP Query User{4370243C-10C5-4474-A1BC-022DF35FB9B8}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe |

"TCP Query User{4A4792F0-FDC3-4B0E-83C5-6D553C872A09}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"TCP Query User{4A5F06CA-C36E-4490-A4D3-5FC8E47A7D12}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe |

"TCP Query User{4C13D7C3-7CBC-4F3A-BF70-94EAB4E6FE14}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |

"TCP Query User{4D3DB182-9A3F-42BB-A4A7-A753AE7D2465}C:\program files\starcraft ii beta\versions\base15623\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15623\sc2.exe |

"TCP Query User{4EF740EF-525F-4791-B257-330F706840BB}C:\program files\starcraft ii beta\versions\base15976\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15976\sc2.exe |

"TCP Query User{51B1725F-4FE2-45D1-8C4A-92CB2934F23A}C:\users\public\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe |

"TCP Query User{5839E658-9F2C-4AB5-A80B-E4E7E107A798}C:\users\user\appdata\local\temp\blizzard launcher temporary - 1321a4e0\launcher.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\blizzard launcher temporary - 1321a4e0\launcher.exe |

"TCP Query User{65EE1D76-88F9-4FF8-8C8C-423F3707D603}C:\program files\sierra\fear\fpupdate.exe" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fpupdate.exe |

"TCP Query User{687B7448-67DF-4D85-833E-45ED591296CD}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"TCP Query User{78B558F0-BBDD-45AC-B41A-3BE503326ABC}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-enus-downloader.exe |

"TCP Query User{80BF2040-2AEC-4F61-8558-3D489B1C1DD0}C:\program files\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war\w40k.exe |

"TCP Query User{81BE563E-0481-4407-A5D7-BBCC09CA859B}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |

"TCP Query User{8232ECE8-B6D5-4449-80FD-44BD0DBF4B88}C:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |

"TCP Query User{8486A347-7EA5-423E-9ED0-7D85143BD459}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |

"TCP Query User{855CD3B4-5132-445C-820C-1D638A8BF47A}C:\program files\thq\dawn of war\w40kwa.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war\w40kwa.exe |

"TCP Query User{8655F590-C480-49D9-A6D7-9F621F429BA0}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |

"TCP Query User{8AB48162-576C-4D74-A1A1-4479AEB6CA50}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe |

"TCP Query User{8DDB702A-3FC2-410B-A977-35D3C1C69589}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe |

"TCP Query User{91F23A65-2227-4516-AFD0-C090F56AE0A5}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |

"TCP Query User{9AECC902-8346-4E1B-B6FC-2BA1CBCA55B7}C:\program files\diablo\diablo.exe" = protocol=6 | dir=in | app=c:\program files\diablo\diablo.exe |

"TCP Query User{9EDB8EDB-A33C-43B9-807C-2E3C5687D637}C:\program files\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo\halo.exe |

"TCP Query User{A753E33B-C3B4-4A56-8C1A-BBDECDBE8BD5}C:\program files\starcraft ii beta\versions\base15392\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15392\sc2.exe |

"TCP Query User{A7AD03CC-CEC5-4B02-B43C-E892383544A9}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |

"TCP Query User{A887EC71-FA0F-4882-9DB6-86478C5AA254}C:\program files\microsoft games\halo 2\halo2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo 2\halo2.exe |

"TCP Query User{B4259CDF-BD21-4577-AF16-2F19D99D48F8}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\pq9i58bv\terran_demo_esrb_xvid.avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\pq9i58bv\terran_demo_esrb_xvid.avi-downloader[1].exe |

"TCP Query User{B9C8B0AF-D258-49FA-8483-1D182132F9A5}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |

"TCP Query User{BE865834-D54A-43D2-A268-4DF890471461}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |

"TCP Query User{C199FFE5-617D-4830-BE4D-FD99D9680BCE}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |

"TCP Query User{C3D04E03-2F44-4EB0-8ABA-F86E314BF92B}C:\program files\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo\halo.exe |

"TCP Query User{C5F3E9DA-D550-4657-A210-C47DC1F23B2D}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\drgwf51r\ddi_cb[1].exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\drgwf51r\ddi_cb[1].exe |

"TCP Query User{CCF14CBE-668D-4709-9585-042FC0B640ED}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |

"TCP Query User{CD60CECF-61A0-4CB5-B1D6-04DABB817A60}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |

"TCP Query User{D435C844-5677-4E79-82E9-3658D3CA110D}C:\program files\starcraft ii beta\versions\base15449\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15449\sc2.exe |

"TCP Query User{DDB004FB-FA42-41DB-B9AF-6776525F1B9F}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |

"TCP Query User{DECE94FF-552C-4140-9C92-BA9D80648E9A}C:\program files\turbine\dungeons and dragons online - eberron unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\dungeons and dragons online - eberron unlimited\dndclient.exe |

"TCP Query User{E1FB648A-1BEB-452F-946C-F7A4569F10F0}C:\program files\starcraft ii beta\versions\base15655\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base15655\sc2.exe |

"TCP Query User{EDE3AF42-0975-4585-B76A-B737016D6AB8}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |

"TCP Query User{EEF5CE52-C984-46CE-B2B3-DA0CC9A2B827}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

"TCP Query User{EF63B370-5F2F-4A8A-806F-CE38DB944658}C:\python26\pythonw.exe" = protocol=6 | dir=in | app=c:\python26\pythonw.exe |

"TCP Query User{F1EB986E-5D5E-4268-B4BE-2C6C9A4067BA}C:\program files\steam\steamapps\reaperking34\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\reaperking34\team fortress 2\hl2.exe |

"TCP Query User{FB553FAA-3A55-4A88-9405-D725F622BD4A}C:\program files\starcraft ii beta\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |

"TCP Query User{FCB294A2-3992-45B9-90A7-20AB1FBA6D2B}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |

"UDP Query User{00E14117-DFCE-4302-B8B9-58EA75B8EAF3}C:\program files\thq\dawn of war\w40kwa.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war\w40kwa.exe |

"UDP Query User{04226EF1-68EA-4A23-883F-FF15D6973969}C:\program files\starcraft ii beta\versions\base15580\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15580\sc2.exe |

"UDP Query User{0829E74A-7D47-405A-AB83-2B9311F2C836}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |

"UDP Query User{096CE575-187D-443D-AE05-82F16E3F5846}C:\users\public\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe |

"UDP Query User{1CEABBE4-0115-4F43-B54F-38B37C3B0EC1}C:\program files\diablo\diablo.exe" = protocol=17 | dir=in | app=c:\program files\diablo\diablo.exe |

"UDP Query User{2229599C-7A8E-4119-A882-F2825F7598EA}C:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |

"UDP Query User{2D7914A4-AB30-4CD1-BFEB-F54FDF1175EF}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |

"UDP Query User{32678C62-2B21-438A-8680-B89D2DE852AF}C:\program files\microsoft games\halo 2\halo2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo 2\halo2.exe |

"UDP Query User{3E4988E1-0513-44E3-BEF6-12470647310B}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe |

"UDP Query User{40E51CFF-47AA-4940-879C-8ECAE643C598}C:\program files\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war\w40k.exe |

"UDP Query User{4232D937-4FAB-48E1-95C1-EE79C1F814B8}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |

"UDP Query User{4348485F-8F59-4D18-BEDC-54453F9FDEA1}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\pq9i58bv\terran_demo_esrb_xvid.avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\pq9i58bv\terran_demo_esrb_xvid.avi-downloader[1].exe |

"UDP Query User{442A4D20-CA09-429F-804F-B2912F5B6915}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |

"UDP Query User{456A116F-4653-40C2-AA6A-1FAD3A93B009}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

"UDP Query User{497C79DF-4ABB-49F8-BF4F-3DB6A2E53F07}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |

"UDP Query User{4C5888BD-90AA-43D3-BF0B-1DB001052404}C:\users\user\appdata\local\temp\blizzard launcher temporary - 1321a4e0\launcher.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\blizzard launcher temporary - 1321a4e0\launcher.exe |

"UDP Query User{54D06BB8-436B-4FED-AFEA-B0C0D5728D68}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"UDP Query User{55D07DFE-9121-407A-B61F-6EB540C1F4AE}C:\program files\starcraft ii beta\versions\base16036\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base16036\sc2.exe |

"UDP Query User{59294E05-C385-4881-81A0-9AACE6303901}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |

"UDP Query User{5A7B5B79-C778-4E9E-B4ED-8650C9BF4491}C:\program files\starcraft ii beta\versions\base15449\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15449\sc2.exe |

"UDP Query User{626A1B2B-C47D-4FC7-9BBD-C58E48F07C7B}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\drgwf51r\ddi_cb[1].exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\drgwf51r\ddi_cb[1].exe |

"UDP Query User{6BC421AC-59FF-46CD-A215-6E1292A008FC}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-enus-downloader.exe |

"UDP Query User{6DF49557-138D-4AE0-B9E3-FF3CBE9BFCB7}C:\python26\pythonw.exe" = protocol=17 | dir=in | app=c:\python26\pythonw.exe |

"UDP Query User{76502321-A2A7-4B99-AFC0-A4923B7A0E8D}C:\users\user\documents\diablo3-gameplaytrailer_en-us-downloader.exe" = protocol=17 | dir=in | app=c:\users\user\documents\diablo3-gameplaytrailer_en-us-downloader.exe |

"UDP Query User{76A64E66-DCD2-4DD5-8B8F-B101B4DC8F32}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |

"UDP Query User{7F032D87-83E4-4617-AC55-DFB6E8E7451C}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |

"UDP Query User{826AB5E9-FB8C-4AC4-B1DB-66BF41B87F60}C:\program files\starcraft ii beta\versions\base15655\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15655\sc2.exe |

"UDP Query User{8589F693-44AA-427C-9529-305B4B81A063}C:\program files\turbine\dungeons and dragons online - eberron unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\dungeons and dragons online - eberron unlimited\dndclient.exe |

"UDP Query User{85EBD431-373A-43E7-B716-FBE133F722C7}C:\program files\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo\halo.exe |

"UDP Query User{86423433-009B-4476-8D65-44D5AE2E0C6C}C:\program files\starcraft ii beta\versions\base15343\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15343\sc2.exe |

"UDP Query User{86B2F649-D8F0-4DA4-976C-957746C21391}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"UDP Query User{91A0C775-A4BC-4977-A4E4-EF7D77F61FB2}C:\program files\sierra\fear\fpupdate.exe" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fpupdate.exe |

"UDP Query User{93948F12-2AB9-43B9-BC47-61A4044249A2}C:\program files\starcraft ii beta\versions\base15976\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15976\sc2.exe |

"UDP Query User{95A059E3-3004-4230-A40C-7177D5CAF5B6}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"UDP Query User{97DB6E68-2A5F-47AB-8EF4-7D3F778548C4}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |

"UDP Query User{9A72961F-38E7-46C7-BDBE-2101BCB2D726}C:\program files\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo\halo.exe |

"UDP Query User{9C1CFE98-FC5E-4DD5-97ED-B23E35ECFFC7}C:\program files\starcraft ii beta\versions\base15392\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15392\sc2.exe |

"UDP Query User{9E69D6CA-CA38-455C-8C39-36B4F17D1252}C:\program files\steam\steamapps\reaperking34\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\reaperking34\team fortress 2\hl2.exe |

"UDP Query User{9FC2DD98-4B70-4EA4-BDB5-63A235E6F1AC}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |

"UDP Query User{ABEE328C-78C6-47DC-9DB4-1B4A037AE070}C:\program files\starcraft ii beta\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |

"UDP Query User{B85C9E9F-F955-458B-9E74-81AC57879607}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\tqxgcmij\download[1].exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\tqxgcmij\download[1].exe |

"UDP Query User{C378085C-503C-4353-AA7A-9449B899B9F8}C:\program files\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war\w40k.exe |

"UDP Query User{C52E1D45-4AB8-4BD4-AC59-5606BCF4F3BD}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe |

"UDP Query User{CB9D572F-851E-4314-8519-EB23F7F70F14}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |

"UDP Query User{CCC16A0D-E741-4659-B66E-2F34D934DE53}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |

"UDP Query User{D59B52D9-AC40-4F31-9F94-BB4A50A2BB2E}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |

"UDP Query User{D8720624-C32E-483A-A66C-869B2D112940}C:\program files\starcraft ii beta\versions\base16094\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base16094\sc2.exe |

"UDP Query User{DEEDD3A9-DF1E-4165-9B79-E9B5B10B28DE}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |

"UDP Query User{E0AF9CD2-9DD5-47C8-9792-835D91D1DB6F}C:\program files\starcraft ii beta\versions\base15623\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base15623\sc2.exe |

"UDP Query User{E2A6E2E9-422B-4EA7-9933-4951670D4631}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe |

"UDP Query User{EDBA243E-0BD6-4308-B12C-7A874ED2D6CF}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |

"UDP Query User{F0194C7D-C8C5-4680-9B44-18EDD4593BA0}C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\wzf6hzb8\1280_starcraft2gameplayvideo_englishus2-avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\wzf6hzb8\1280_starcraft2gameplayvideo_englishus2-avi-downloader[1].exe |

"UDP Query User{F26B0447-3026-4C11-B3E0-6E68DDC704F2}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |

"UDP Query User{FDC0CE03-C424-4A9E-9F62-6FC0CE75FB2F}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant

"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0E06AFD5-2069-4ED6-A4AA-66CD1525D3BE}" = Nosferatu Demo

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series

"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects

"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729

"{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}" = Cisco Systems VPN Client 5.0.01.0600

"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}" = Adobe Fireworks CS5

"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main

"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Copy

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable

"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm

"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin

"{2243C6DC-39EA-4D5E-B743-3AE510A91B3A}" = WeatherBug

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 22

"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime

"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth II

"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR

"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player

"{31D95937-B237-405D-920C-A3EF4E482222}" = Supreme Commander - Forged Alliance Demo

"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4

"{343EFA17-5BC5-44DA-924F-539ECBEFF68C}" = Viva Pinata

"{34B9B494-EF4A-4592-87A8-BE40D0442E86}" = Dawn of War - Soulstorm

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3d9ac095-e115-4e94-bdef-7f7edf17697d}" = Python 2.6.3

"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT

"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0

"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5

"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5

"{41EEF558-3585-4020-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client)

"{41EEF558-3585-4028-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client) English Language Pack

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011

"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729

"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands

"{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor

"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5783F2D7-9005-0409-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2011

"{5783F2D7-9005-0409-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2011 Language Pack - English

"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011

"{57EF5EE1-E32B-4EDE-9D50-3A82126800EE}" = Batman: Arkham Asylum Demo

"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur

Link to post
Share on other sites

No no problems that I've noticed, internet is running a little slow but other then that nothing. here's the full log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6299

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

4/12/2011 2:19:32 PM

mbam-log-2011-04-12 (14-19-32).txt

Scan type: Full scan (C:\|D:\|E:\|)

Objects scanned: 664845

Time elapsed: 5 hour(s), 21 minute(s), 59 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

I'm glad to hear that!

Your vista installation is outdated. I recommend you to visit Windows Updates and install all latest updates including Service Pack 2 for Vista.

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      Note - when ESET doesn't find any threats, no report will be created.
    11. Push the esetBack.png button.
    12. Push esetFinish.png

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.