R-Firewall
Version 1.0
http://www.r-tt.com/r-firewall/
R-TT offers you a new system tool to extend security services on your computer.
R-Firewall is a FREE program comparable with commercial firewalls!
R-Firewall is an effective and easy-to-use solution to secure your on-line activity. It protects a computer connected to a local network and/or to the Internet against any intrusions, attacks, trojans, spyware, and other external and internal threats. R-Firewall also filters out inappropriate Internet pages content and blocks dangerous active components you may get while browsing over the Internet or receiving e-mail massages.
Automatic configuration during setup allows you securely surf the Internet right after the software installation. Mobile users can create multiple and easily switchable configurations for specific network environments (Internet surfing at home, office local networks, or public Wi-Fi spots).
The Windows boot time has become slow than usually. Difference = 3% (1 sec).
R-FIREWALL.EXE
Description: R-Firewall main module R-TT R-Firewall
MD5= 90C9C9EF2E1B66C6A5CDB2E2A8A2AF55
File is not signed.
File size= 200704
Related registry changes:
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\R-FIREWALL: “C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\R-FIREWALL\UNINSTALLSTRING: “C:\PROGRAM FILES\R-TT\R-FIREWALL\UNINST-R-FIREWALL.EXE”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\R-FIREWALL\DISPLAYICON: “C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE“
Description: R-Firewall main module R-TT R-Firewall
MD5= 90C9C9EF2E1B66C6A5CDB2E2A8A2AF55
File is not signed.
File size= 200704
Related registry changes:
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\R-FIREWALL: “C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\R-FIREWALL\UNINSTALLSTRING: “C:\PROGRAM FILES\R-TT\R-FIREWALL\UNINST-R-FIREWALL.EXE”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\R-FIREWALL\DISPLAYICON: “C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE“
ADBLOCK.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 025C5D103E8F0F2B53993F6BF28BF3A4
File is not signed.
File size= 15488
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\ADBLOCK: “HLADBLOCK.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\08: “ADBLOCK.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\ADBLOCK: “GUIADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\SERVICE: “ADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(ADBLOCK.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\ADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(ADBLOCK.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 025C5D103E8F0F2B53993F6BF28BF3A4
File is not signed.
File size= 15488
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\ADBLOCK: “HLADBLOCK.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\08: “ADBLOCK.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\ADBLOCK: “GUIADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\SERVICE: “ADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(ADBLOCK.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ADBLOCK.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\ADBLOCK.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ADBLOCK.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(ADBLOCK.DLL)”
CONTENT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 4A547BA6EE6E012FD60E96DC4481A7F2
File is not signed.
File size= 3840
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\09: “CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\SERVICE: “CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(CONTENT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(CONTENT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 4A547BA6EE6E012FD60E96DC4481A7F2
File is not signed.
File size= 3840
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\09: “CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\SERVICE: “CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(CONTENT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CONTENT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\CONTENT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(CONTENT.DLL)”
DNSCACHE.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= D35497E861F76BDCA4239B816E7C2F33
File is not signed.
File size= 6080
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\DNS: “HLDNSCACHE.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\10: “DNSCACHE.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\DNS: “GUIDNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\SERVICE: “DNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(DNSCACHE.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\DNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(DNSCACHE.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= D35497E861F76BDCA4239B816E7C2F33
File is not signed.
File size= 6080
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\DNS: “HLDNSCACHE.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\10: “DNSCACHE.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\DNS: “GUIDNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\SERVICE: “DNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(DNSCACHE.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_DNSCACHE.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\DNSCACHE.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(DNSCACHE.DLL)”
FTPFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 08CF7FFFDF0F4334EB41E0AAD161A72E
File is not signed.
File size= 6240
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\01: “FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\SERVICE: “FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(FTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(FTPFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 08CF7FFFDF0F4334EB41E0AAD161A72E
File is not signed.
File size= 6240
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\01: “FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\SERVICE: “FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(FTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_FTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\FTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(FTPFILT.DLL)”
HTMLFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= EEB3D635A7551B946FDAF73A4CE63681
File is not signed.
File size= 7712
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\03: “HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\SERVICE: “HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(HTMLFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(HTMLFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= EEB3D635A7551B946FDAF73A4CE63681
File is not signed.
File size= 7712
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\03: “HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\SERVICE: “HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(HTMLFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTMLFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTMLFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTMLFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(HTMLFILT.DLL)”
HTTPFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= E1B19DBC665A8A03DC2551EAAC036545
File is not signed.
File size= 9088
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\02: “HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\SERVICE: “HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(HTTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(HTTPFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= E1B19DBC665A8A03DC2551EAAC036545
File is not signed.
File size= 9088
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\02: “HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\SERVICE: “HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(HTTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HTTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HTTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(HTTPFILT.DLL)”
IMAPFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 4733779B4A644B16DDF85C9DBC0076EC
File is not signed.
File size= 7008
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\05: “IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\SERVICE: “IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(IMAPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(IMAPFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 4733779B4A644B16DDF85C9DBC0076EC
File is not signed.
File size= 7008
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\05: “IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\SERVICE: “IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(IMAPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_IMAPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\IMAPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IMAPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(IMAPFILT.DLL)”
MAILFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 63ED6253726658C9AAED56EAE0D83BF5
File is not signed.
File size= 9856
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\06: “MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\SERVICE: “MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(MAILFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(MAILFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 63ED6253726658C9AAED56EAE0D83BF5
File is not signed.
File size= 9856
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\06: “MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\SERVICE: “MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(MAILFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_MAILFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\MAILFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAILFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(MAILFILT.DLL)”
NNTPFILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= E41CBA2B232B5DE0BED74E75FF79FB6C
File is not signed.
File size= 6592
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\07: “NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\SERVICE: “NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(NNTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(NNTPFILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= E41CBA2B232B5DE0BED74E75FF79FB6C
File is not signed.
File size= 6592
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\07: “NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\SERVICE: “NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(NNTPFILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NNTPFILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\NNTPFILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NNTPFILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(NNTPFILT.DLL)”
POP3FILT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 6DE8852251AF42FEFFC249FBE011CD59
File is not signed.
File size= 7072
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\04: “POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\SERVICE: “POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(POP3FILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(POP3FILT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 6DE8852251AF42FEFFC249FBE011CD59
File is not signed.
File size= 7072
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\04: “POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\SERVICE: “POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(POP3FILT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_POP3FILT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\POP3FILT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POP3FILT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(POP3FILT.DLL)”
PROTECT.DLL
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 7ECBCBDF473426A030CE2D74B5660A0D
File is not signed.
File size= 15520
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\PROTECT: “HLPROTECT.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\11: “PROTECT.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\PROTECT: “GUIPROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\SERVICE: “PROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(PROTECT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\PROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(PROTECT.DLL)”
Description: R-Firewall kernel mode plugin R-TT R-Firewall
MD5= 7ECBCBDF473426A030CE2D74B5660A0D
File is not signed.
File size= 15520
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\SECURITY
HKLM\SOFTWARE\R-TT\R-FIREWALL\PLUGINS\PROTECT: “HLPROTECT.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\KERNELPLUGINS\11: “PROTECT.DLL”
HKLM\SOFTWARE\R-TT\R-FIREWALL\GUIPLUGINS\PROTECT: “GUIPROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\SERVICE: “PROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\LEGACY: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CONFIGFLAGS: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CLASS: “LEGACYDRIVER”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CLASSGUID: “{8ECC055D-047F-11D1-A537-0000F8753ED1}”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\DEVICEDESC: “R-FIREWALL PLUGIN(PROTECT.DLL)”
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\0000\CAPABILITIES: 0X00000000
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_PROTECT.DLL\NEXTINSTANCE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\SECURITY\SECURITY: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\TYPE: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\START: 0X00000003
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\ERRORCONTROL: 0X00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\IMAGEPATH: “\??\C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\PROTECT.DLL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PROTECT.DLL\DISPLAYNAME: “R-FIREWALL PLUGIN(PROTECT.DLL)”
RFWNT.SYS
Description: R-Firewall Firewall driver R-TT R-Firewall
MD5= 718F4B409D8CE4B5A27D11260A1F4651
File is not signed.
File size= 90432
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RFW\IMAGEPATH: “\??\C:\WINDOWS\SYSTEM32\RFWNT.SYS“
Description: R-Firewall Firewall driver R-TT R-Firewall
MD5= 718F4B409D8CE4B5A27D11260A1F4651
File is not signed.
File size= 90432
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RFW\IMAGEPATH: “\??\C:\WINDOWS\SYSTEM32\RFWNT.SYS“
RTT_CRC_SERVICE.EXE
Description: Service RTT CRC Service Start Type: loaded manually on demand
MD5= 7081B7A8D71DCD52BE5B991323A00635
File is not signed.
File size= 425984
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RTT_CRC_SERVICE\IMAGEPATH: “C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE\RTT_CRC_SERVICE.EXE“
Description: Service RTT CRC Service Start Type: loaded manually on demand
MD5= 7081B7A8D71DCD52BE5B991323A00635
File is not signed.
File size= 425984
Related registry changes:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RTT_CRC_SERVICE\IMAGEPATH: “C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE\RTT_CRC_SERVICE.EXE“
FILES ADDED:61
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\FIREWALLDRVSETUP.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\INSTALLOPTIONS.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\IOSPECIAL.INI
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\KILLPROCDLL.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\MODERN-WIZARD.BMP
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSEXEC.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSRTRIAL.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSSCM.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\STARTMENU.DLL
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\R-FIREWALL HELP.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\R-FIREWALL.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\UNINSTALL.LNK
C:\PROGRAM FILES\R-TT\R-FIREWALL\CORPEULA.TXT
C:\PROGRAM FILES\R-TT\R-FIREWALL\CSD_EULA.TXT
C:\PROGRAM FILES\R-TT\R-FIREWALL\DBGHELP.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULT.XML
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULTCFGCREATOR.CFG
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULTCONFIGCREATOR.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIDNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIENGINE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIPROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLDNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLENGINE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLPROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\ADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\CONTENT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\DNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\FTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTMLFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\IMAPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\MAILFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\NNTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\POP3FILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\PROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\ADBLOCK.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\DNSCACHE.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\PROTECT.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-CONN.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-CONN.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-ERRORS.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-ERRORS.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-SYSTEM.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-SYSTEM.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-TDI.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-TDI.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\R-PROTECTSTUDIO.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\REG.REG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RFW.CHM
C:\PROGRAM FILES\R-TT\R-FIREWALL\RFWPOP.HLP
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES\ADBLOCK.CFG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES\TEST.XML
C:\PROGRAM FILES\R-TT\R-FIREWALL\SENDMAIL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE\RTT_CRC_SERVICE.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\UNICOWS.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\UNINST-R-FIREWALL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\ZLIB.DLL
C:\WINDOWS\SYSTEM32\RFWNT.SYS
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\INSTALLOPTIONS.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\IOSPECIAL.INI
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\KILLPROCDLL.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\MODERN-WIZARD.BMP
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSEXEC.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSRTRIAL.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\NSSCM.DLL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP\STARTMENU.DLL
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\R-FIREWALL HELP.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\R-FIREWALL.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL\UNINSTALL.LNK
C:\PROGRAM FILES\R-TT\R-FIREWALL\CORPEULA.TXT
C:\PROGRAM FILES\R-TT\R-FIREWALL\CSD_EULA.TXT
C:\PROGRAM FILES\R-TT\R-FIREWALL\DBGHELP.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULT.XML
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULTCFGCREATOR.CFG
C:\PROGRAM FILES\R-TT\R-FIREWALL\DEFAULTCONFIGCREATOR.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIDNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIENGINE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\GUIPROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLDNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLENGINE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\HLPROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\ADBLOCK.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\CONTENT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\DNSCACHE.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\FTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTMLFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\HTTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\IMAPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\MAILFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\NNTPFILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\POP3FILT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL\PROTECT.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\ADBLOCK.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\DNSCACHE.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\PROTECT.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-CONN.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-CONN.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-ERRORS.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-ERRORS.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-SYSTEM.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-SYSTEM.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-TDI.0
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG\R-TDI.LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\R-FIREWALL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\R-PROTECTSTUDIO.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\REG.REG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RFW.CHM
C:\PROGRAM FILES\R-TT\R-FIREWALL\RFWPOP.HLP
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES\ADBLOCK.CFG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES\TEST.XML
C:\PROGRAM FILES\R-TT\R-FIREWALL\SENDMAIL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE\RTT_CRC_SERVICE.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\UNICOWS.DLL
C:\PROGRAM FILES\R-TT\R-FIREWALL\UNINST-R-FIREWALL.EXE
C:\PROGRAM FILES\R-TT\R-FIREWALL\ZLIB.DLL
C:\WINDOWS\SYSTEM32\RFWNT.SYS
FILES[ATTR]MODIFIED:1
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\CE4CF87733651BF1F44DD1E02FC1A8E8
FOLDERS ADDED:8
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\NST2.TMP
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL
C:\PROGRAM FILES\R-TT
C:\PROGRAM FILES\R-TT\R-FIREWALL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES
C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\R-FIREWALL
C:\PROGRAM FILES\R-TT
C:\PROGRAM FILES\R-TT\R-FIREWALL
C:\PROGRAM FILES\R-TT\R-FIREWALL\KERNEL
C:\PROGRAM FILES\R-TT\R-FIREWALL\LOG
C:\PROGRAM FILES\R-TT\R-FIREWALL\RULES
C:\PROGRAM FILES\R-TT\R-FIREWALL\SERVICE
Related Files
I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit is required. Reviews. EULA. Privacy Policy.