kontrola logu youtube nefunguje

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials


Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Reklama]

[crash40]

kdyz jsem udelal prvni krok tak ikona Combofixu zustala na plose:(

[jaro3]

zkus ještě jednou , potom dej OTL , smažeme v něm.

[crash40]

OTL logfile created on: 16.11.2011 21:48:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kopi-C.R.7\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 48,46% Memory free
4,10 Gb Paging File | 2,84 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 96,81 Gb Free Space | 43,44% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 0,81 Gb Free Space | 9,04% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1020,34 Mb Free Space | 99,94% Space Free | Partition Type: FAT32

Computer Name: KOPI-CR7-PC | User Name: Kopi-C.R.7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kopi-C.R.7\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\eType Toolbar\ToolbarUpdaterService.exe ()
PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe (IObit)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
PRC - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)
PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - c:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)
PRC - c:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
PRC - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\madexcept_.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\madbasic_.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\maddisAsm_.bpl ()
MOD - C:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Updater Service for eType Toolbar) -- C:\Program Files\eType Toolbar\ToolbarUpdaterService.exe ()
SRV - (rpcnet) Remote Procedure Call (RPC) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
SRV - (IMFservice) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (ASBroker) -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
SRV - (ASChannel) -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Bioscrypt Inc.)
SRV - (HP ProtectTools Service) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (HpFkCryptService) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (HPFSService) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (RoxMediaDB10) -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (accoca) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Driver Services (SafeList) ==========

DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SbAlg) -- C:\windows\System32\drivers\SbAlg.sys (SafeBoot N.V.)
DRV - (SbFsLock) -- C:\windows\System32\drivers\SbFsLock.sys (SafeBoot International)
DRV - (RsvLock) -- C:\windows\System32\drivers\rsvlock.sys (SafeBoot International)
DRV - (SafeBoot) -- C:\windows\System32\drivers\SafeBoot.sys ()
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (hpdskflt) -- C:\windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (se45mdm) -- C:\Windows\System32\drivers\se45mdm.sys (MCCI)
DRV - (se45mdfl) -- C:\Windows\System32\drivers\se45mdfl.sys (MCCI)
DRV - (se45bus) Sony Ericsson Device 069 driver (WDM) -- C:\Windows\System32\drivers\se45bus.sys (MCCI)
DRV - (speedfan) -- C:\windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\windows\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.autocompletepro.com/?si=7148&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.etypestart.com/?src=startpag ... .0-x86-SP1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.centrum.cz/#utm_source=icq&u ... um=generic
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.autocompletepro.com/?si=7148&bi=400
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kopi-C.R.7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kopi-C.R.7\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kopi-C.R.7\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.13 11:31:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.12 09:20:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.13 21:28:19 | 000,000,000 | ---D | M]

[2009.08.21 13:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Extensions
[2009.08.21 13:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.11.13 21:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Firefox\Profiles\xcj13aiz.default\extensions
[2010.08.28 18:10:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Firefox\Profiles\xcj13aiz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.20 19:30:45 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Firefox\Profiles\xcj13aiz.default\extensions\support@predictad.com
[2011.11.14 15:09:49 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-1.xml
[2010.09.08 16:56:21 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-10.xml
[2010.10.20 22:25:22 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-11.xml
[2010.10.28 09:26:21 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-12.xml
[2010.12.12 10:10:52 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-13.xml
[2010.12.20 19:33:06 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-14.xml
[2011.03.23 21:52:05 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-15.xml
[2011.04.08 19:41:01 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-16.xml
[2011.04.30 00:01:08 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-17.xml
[2011.06.19 20:59:24 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-18.xml
[2011.06.22 17:13:11 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-19.xml
[2009.12.18 22:30:01 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-2.xml
[2011.07.14 10:31:18 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-20.xml
[2011.08.18 07:34:27 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-21.xml
[2011.08.21 20:33:40 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-22.xml
[2011.09.05 13:43:45 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-23.xml
[2011.09.12 13:08:10 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-24.xml
[2011.10.08 08:44:04 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-25.xml
[2011.10.09 14:25:50 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-26.xml
[2011.11.07 13:42:37 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-27.xml
[2011.11.13 11:58:59 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-28.xml
[2009.12.19 05:07:52 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-3.xml
[2010.01.07 16:49:10 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-4.xml
[2010.06.27 20:41:35 | 000,000,961 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-5.xml
[2010.07.16 10:17:47 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-6.xml
[2010.07.22 06:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-7.xml
[2010.07.24 06:04:58 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-8.xml
[2010.09.08 16:02:21 | 000,000,950 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\icqplugin.xml
[2011.11.13 11:58:43 | 000,001,391 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\Mozilla\Firefox\Profiles\xcj13aiz.default\searchplugins\yahoo-zugo.xml
[2011.11.12 09:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.12 16:37:34 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.12 09:20:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.11.09 22:14:05 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
() (No name found) -- C:\USERS\KOPI-C.R.7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XCJ13AIZ.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI
[2011.11.12 09:20:15 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.12 00:36:07 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2010.11.15 21:02:24 | 000,135,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010.12.20 19:30:45 | 000,003,187 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\acpro.xml
[2011.07.14 10:20:36 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.11.12 09:20:12 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.11.12 09:20:12 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.11.12 09:20:12 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.11.12 09:20:12 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.11.12 09:20:12 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.11.12 09:20:12 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2011.08.16 14:11:18 | 000,000,846 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml.old

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kopi-C.R.7\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Kopi-C.R.7\AppData\Local\Google\Chrome\Application\15.0.874.120\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kopi-C.R.7\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kopi-C.R.7\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011.11.12 19:06:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (eType Toolbar Helper) - {7D9463CD-BBD8-42f4-AB72-D7B1191D9F3D} - C:\Program Files\eType Toolbar\Toolbar32.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (eType Toolbar) - {BDE58274-7A2A-4682-8C47-A379DD9E36CB} - C:\Program Files\eType Toolbar\Toolbar32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.197.254 78.156.147.105
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE14C14-7D39-4973-8426-CBCA72A69E7B}: DhcpNameServer = 172.16.197.254 78.156.147.105 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5515F13-78B3-4FAE-B1F3-D7A32CF432B6}: DhcpNameServer = 172.16.197.254 78.156.147.105
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (APSHook.dll) -C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Kopi-C.R.7\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kopi-C.R.7\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -C:\windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) -C:\windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.11.13 21:41:59 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011.11.13 21:39:48 | 000,248,480 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Kopi-C.R.7\Desktop\uninstall_flash_player_32bit.exe
[2011.11.13 21:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011.11.13 21:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011.11.13 21:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011.11.13 20:39:12 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.11.13 20:35:35 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.11.13 11:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\eType Toolbar
[2011.11.13 11:58:26 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Roaming\eType
[2011.11.13 11:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.11.12 19:20:32 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Local\temp
[2011.11.12 19:06:33 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.11.12 00:55:30 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Local\Adobe
[2011.11.12 00:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.11.12 00:36:31 | 000,544,656 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2011.11.12 00:36:31 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2011.11.12 00:36:31 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2011.11.12 00:36:31 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2011.11.12 00:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.11.10 22:24:11 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Roaming\Opera
[2011.11.10 22:24:11 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Local\Opera
[2011.11.10 22:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011.11.10 22:23:08 | 010,311,496 | ---- | C] (Opera Software ASA) -- C:\Users\Kopi-C.R.7\Desktop\Opera_1152_int_Setup.exe
[2011.11.09 15:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.6
[2011.11.09 15:08:04 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.6
[2011.11.06 09:17:43 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\Desktop\Nová složka
[2011.11.05 21:26:26 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\Desktop\raus(vseborec.cz-1n48e)
[2011.10.24 08:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\empire
[2011.10.18 21:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.10.18 20:56:15 | 000,000,000 | ---D | C] -- C:\Users\Kopi-C.R.7\AppData\Local\Facebook
[2010.12.30 14:36:01 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Kopi-C.R.7\AppData\Roaming\pcouffin.sys
[2009.04.16 13:52:57 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2009.04.16 13:52:56 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.16 21:40:52 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2011.11.16 21:40:50 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2011.11.16 21:40:42 | 000,435,680 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.11.16 21:40:34 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.16 21:40:33 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.16 21:40:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.11.16 21:40:08 | 2071,252,992 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.16 21:38:53 | 000,005,780 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.11.16 21:08:00 | 000,000,982 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004UA.job
[2011.11.16 20:15:50 | 000,081,408 | ---- | M] () -- C:\Users\Kopi-C.R.7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.16 19:48:15 | 000,000,428 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{862C66C0-BDB3-425C-881F-B1DE430BB6C4}.job
[2011.11.16 19:01:22 | 000,000,948 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004UA.job
[2011.11.16 17:08:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004Core.job
[2011.11.16 06:54:36 | 000,644,626 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2011.11.16 06:54:36 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.11.16 06:54:36 | 000,137,892 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2011.11.16 06:54:36 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.11.15 22:01:01 | 000,000,926 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004Core.job
[2011.11.14 08:59:14 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011.11.13 23:29:08 | 000,002,264 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\playlist.m3u
[2011.11.13 21:39:15 | 000,248,480 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Kopi-C.R.7\Desktop\uninstall_flash_player_32bit.exe
[2011.11.13 21:15:00 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.11.13 21:15:00 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.11.13 20:43:11 | 355,518,879 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011.11.13 20:34:43 | 000,000,555 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\ComboFix – zástupce.lnk
[2011.11.12 19:06:28 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011.11.12 08:10:31 | 000,002,067 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\Google Chrome.lnk
[2011.11.12 00:36:06 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2011.11.12 00:36:06 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2011.11.12 00:36:06 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2011.11.12 00:36:06 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2011.11.12 00:22:13 | 000,002,533 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\HiJackThis.lnk
[2011.11.11 14:52:18 | 366,991,360 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\Gossip.Girl.S05E06.CZ-titulky-vložené.HDTV.XviD-ASAP_arc.avi
[2011.11.10 22:24:06 | 000,001,614 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.11.10 22:23:21 | 010,311,496 | ---- | M] (Opera Software ASA) -- C:\Users\Kopi-C.R.7\Desktop\Opera_1152_int_Setup.exe
[2011.11.09 15:09:20 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.6.lnk
[2011.11.09 15:08:50 | 000,000,000 | ---- | M] () -- C:\windows\C
[2011.11.05 20:01:47 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.11.05 19:42:26 | 001,186,124 | ---- | M] () -- C:\Users\Kopi-C.R.7\Desktop\npswf32.zip
[2011.10.18 21:24:47 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[crash40]

tady je druha cast prvniho logu

[crash40]

========== Files Created - No Company Name ==========

[2011.11.16 20:18:14 | 2071,252,992 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.13 23:29:07 | 000,002,264 | ---- | C] () -- C:\Users\Kopi-C.R.7\Desktop\playlist.m3u
[2011.11.13 21:15:00 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.11.13 21:15:00 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.11.12 18:43:38 | 000,000,555 | ---- | C] () -- C:\Users\Kopi-C.R.7\Desktop\ComboFix – zástupce.lnk
[2011.11.11 14:31:48 | 366,991,360 | ---- | C] () -- C:\Users\Kopi-C.R.7\Desktop\Gossip.Girl.S05E06.CZ-titulky-vložené.HDTV.XviD-ASAP_arc.avi
[2011.11.10 22:24:06 | 000,001,626 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.11.10 22:24:06 | 000,001,614 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.11.09 15:09:20 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.6.lnk
[2011.11.09 15:08:50 | 000,000,000 | ---- | C] () -- C:\windows\C
[2011.11.09 06:52:01 | 355,518,879 | ---- | C] () -- C:\windows\MEMORY.DMP
[2011.11.05 20:01:47 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.11.05 19:42:21 | 001,186,124 | ---- | C] () -- C:\Users\Kopi-C.R.7\Desktop\npswf32.zip
[2011.10.18 21:24:47 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.18 20:56:22 | 000,000,948 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004UA.job
[2011.10.18 20:56:22 | 000,000,926 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004Core.job
[2011.01.14 19:23:35 | 000,000,832 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Local\SRDownloader.nast
[2010.12.30 14:36:01 | 000,007,887 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\pcouffin.cat
[2010.12.30 14:36:01 | 000,001,144 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\pcouffin.inf
[2010.12.17 17:13:48 | 000,017,089 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\UserTile.png
[2010.10.15 15:01:28 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE
[2010.03.12 19:06:29 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
[2010.03.12 19:06:29 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
[2009.11.09 22:19:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.09.25 07:57:47 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe
[2009.09.21 18:58:31 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009.08.22 07:42:59 | 000,106,605 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.08.22 07:42:59 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.17 10:40:44 | 000,081,408 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.16 22:34:02 | 000,005,780 | ---- | C] () -- C:\windows\bthservsdp.dat
[2009.04.16 13:52:57 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2009.04.16 13:52:57 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2009.04.16 13:52:57 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2008.08.06 04:23:29 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.08.06 04:23:29 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.08.06 04:23:29 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.08.06 04:23:29 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.08.06 04:23:29 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.08.06 04:23:29 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.08.06 04:06:06 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.05.21 15:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll
[2008.05.21 15:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008.05.21 15:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008.05.21 15:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008.05.14 01:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.04.17 11:02:10 | 000,644,626 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2008.04.17 11:02:10 | 000,286,912 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2008.04.17 11:02:10 | 000,137,892 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2008.04.17 11:02:10 | 000,034,724 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2008.01.21 03:34:33 | 000,642,560 | ---- | C] () -- C:\windows\System32\autochk.exe
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2006.11.02 13:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 13:44:53 | 000,435,680 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.03 23:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 04:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys

========== LOP Check ==========

[2010.08.04 11:48:59 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\.Torrent Swapper
[2011.05.09 16:58:30 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\Avnex
[2009.11.10 00:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\BSplayer
[2009.04.25 19:54:38 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\BSplayer Pro
[2009.04.22 11:44:53 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\DAEMON Tools
[2009.04.22 11:45:23 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\DAEMON Tools Lite
[2009.04.22 11:44:53 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\DAEMON Tools Pro
[2011.11.13 20:56:59 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\eType
[2009.09.22 19:32:01 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\fltk.org
[2011.07.19 06:58:01 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\FreeScreenToVideo
[2011.07.21 15:03:08 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\go
[2011.11.15 16:34:34 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\ICQ
[2009.04.16 16:42:33 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\InterVideo
[2011.06.19 20:05:43 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\IObit
[2010.06.06 10:24:37 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\OpenOffice.org
[2011.11.10 22:24:11 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\Opera
[2010.03.12 19:11:46 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\PC Suite
[2010.12.17 17:13:47 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\PeerNetworking
[2011.08.30 16:57:13 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\QuadCore.cz
[2010.03.12 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\Samsung
[2011.07.04 22:44:26 | 000,000,000 | ---D | M] -- C:\Users\Kopi-C.R.7\AppData\Roaming\Vso
[2011.11.15 22:01:01 | 000,000,926 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004Core.job
[2011.11.16 19:01:22 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-855238292-3665127575-997026436-1004UA.job
[2011.11.16 21:38:54 | 000,032,638 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011.11.16 19:48:15 | 000,000,428 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{862C66C0-BDB3-425C-881F-B1DE430BB6C4}.job

< End of report >

[crash40]

OTL Extras logfile created on: 16.11.2011 21:48:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kopi-C.R.7\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 48,46% Memory free
4,10 Gb Paging File | 2,84 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 96,81 Gb Free Space | 43,44% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 0,81 Gb Free Space | 9,04% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1020,34 Mb Free Space | 99,94% Space Free | Partition Type: FAT32

Computer Name: KOPI-CR7-PC | User Name: Kopi-C.R.7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{092EABCB-962E-4831-893B-BEC17970031D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{97257033-B2D6-4EAB-A403-A96994E2A9A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B8E38810-2B70-4F6D-A71F-2DCC690884F9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A91744-A36B-46D2-933E-DAB1BBB73338}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{11DB8693-56C8-498A-9324-15309DA21CA1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{14BA1B2C-06BF-4324-9A16-A1B5E8E24C73}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{1AAB7EEB-BF7D-4A46-BC28-E489517D4388}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{26345630-CAA9-4052-B84A-953266ACA010}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2E9D0735-DFEC-49D9-8285-6DA5050BE9E0}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{30D4515D-C99E-4946-8475-DFCB2A30F152}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{3122F28B-9149-42E4-B45D-EBEF1A896EC8}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{421D7E05-7572-426B-85DB-1F72B9E36A37}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4A03D207-13B2-4837-9D6C-6C19516913E2}" = protocol=17 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{4A8B6154-809C-4C22-81C0-8C0D342521F5}" = protocol=6 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{4B6A2410-F4A0-451E-BC0A-BBB0D492D766}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{4F6C744B-B7B4-4490-8695-7AAB6EDEA044}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{59C5EFE3-C7BF-4182-ACF5-07F3A12696A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C98E0AE-3E54-4BF9-B1BB-82F6295A1E92}" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\~os118d.tmp\rlvknlg.exe |
"{601414E1-FB90-47A6-9FEB-F187B4C999A0}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{62222377-DF3D-4216-B927-A928E8D3F666}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{644FD646-5C20-4C70-B553-207B9DF7C46D}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{6D643441-5B5E-4E7F-AAF2-CFDBC984FD16}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{720DDA95-F86A-4BDB-8A2C-2B6520F3EAFB}" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\npsasvr.exe |
"{76394CE7-F03B-41CB-A058-8CF297F1409C}" = dir=in | app=c:\users\kopi-c.r.7\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{766CEBE0-34B7-469B-BAFC-99198E9D2708}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{8DEFD04E-9AD6-4B6F-A7ED-48C923F5C03A}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{91A854FB-E307-4829-80D3-809FF4818E45}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{996A086D-F875-4238-83F6-048045CB5164}" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\npsvsvr.exe |
"{A069199E-1EE2-4B1E-82D4-E1A1213924D4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{B5E5D29E-6BA8-48C7-89D2-48F2BD8BFB6C}" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\npsvsvr.exe |
"{B7155CE7-6587-4958-B491-91554871F15D}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{BD3EFE49-C063-4B5B-B0AC-B13CB498C6D2}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{BFF21825-7258-4F8D-882C-0DBF2C7BE40A}" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\~os692e.tmp\rlvknlg.exe |
"{C23082A0-74F1-4B44-A9D5-71B7DB634B89}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{C908D2D5-F051-4E6D-9098-A3B0AF1B7B75}" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\npsasvr.exe |
"{CAEE4DFF-1FB2-4C88-B3DD-AA274843DE84}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{CBE909F5-BAB4-4F48-8110-F256F537C982}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{CF66C9E3-7A83-487A-B1C7-3D6960FEC09A}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{F3B28C68-A079-4E7A-A909-36B921A6B802}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"TCP Query User{020A6DD8-6FAA-4F4B-B1F4-55FAA9555806}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.816\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.816\finalmt2\finalmt2.exe |
"TCP Query User{02966549-4AFD-4855-95F4-BE24FF90BFE4}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex48.780\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex48.780\client\mc.exe |
"TCP Query User{05BC58A7-15EA-4B2D-BEEA-CEF664D78018}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.722\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.722\powerczechmt2\mc.exe |
"TCP Query User{06856819-5EBE-4F74-969C-E7170A6F140B}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.561\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.561\vortex servers\vortexservers.exe |
"TCP Query User{07273462-EF33-44E7-8206-00C06E80C25D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.440\playworld 3 2011 client\playworld3.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.440\playworld 3 2011 client\playworld3.exe |
"TCP Query User{0750BF55-1863-4585-ABF3-CFCE4C3D9E2C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.162\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.162\powerczechmt2\mc.exe |
"TCP Query User{07D8E478-2C3B-4A4E-84C5-5B0714227CA4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{087C7E50-D43B-4D0B-8303-6006353EA358}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex88.453\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex88.453\finalmt2\finalmt2.exe |
"TCP Query User{0B72C20D-D610-4221-A60B-6EFC50B08828}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.151\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.151\powerczechmt2\mc.exe |
"TCP Query User{0B7D5950-AD8B-4ECE-B180-1400E39EEBAD}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.839\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.839\finalmt2\finalmt2.exe |
"TCP Query User{0CDBB58A-8235-4DD5-A569-5CD9E7B3ABB7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.430\underworld - client\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.430\underworld - client\client.bin |
"TCP Query User{0D5C49A2-00E0-4EEB-879D-D07E329B315C}C:\users\kopi-c.r.7\desktop\vietcong2\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\finalmt2\finalmt2.exe |
"TCP Query User{0DA53C8D-9E34-4203-9E5E-C0FC34268FC3}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\powerczechmt2\mc.exe |
"TCP Query User{0E8EF9EA-2102-4A73-BB9E-FAF5BA8656EE}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.878\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.878\finalmt2\finalmt2.exe |
"TCP Query User{111B9554-164A-48B5-826B-2E8F3D88CE8E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.253\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.253\finalmt2\finalmt2.exe |
"TCP Query User{1181583D-8286-4D40-A159-6185923D814A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.678\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.678\powerczechmt2\mc.exe |
"TCP Query User{11DBF3E2-FC93-4C88-8FBA-A8CA6366A21E}C:\program files\swapper\swapper.exe" = protocol=6 | dir=in | app=c:\program files\swapper\swapper.exe |
"TCP Query User{12646EB8-1A1F-43E0-8FF5-B878299EC3F4}C:\program files\quadcorem2\pack\core.bin" = protocol=6 | dir=in | app=c:\program files\quadcorem2\pack\core.bin |
"TCP Query User{19B41E7D-77F2-437E-B005-D35E5A74C925}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.052\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.052\powerczechmt2\mc.exe |
"TCP Query User{1A242F17-C721-4163-AD50-8281B409E87C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.759\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.759\finalmt2\finalmt2.exe |
"TCP Query User{1DCA338E-F941-46A1-BD47-0DD046618EE6}C:\users\kopi-c.r.7\desktop\c.r\metin2.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\c.r\metin2.bin |
"TCP Query User{22AEF743-9364-4BB7-A683-F9066B2C4F25}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.103\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.103\powerczechmt2\mc.exe |
"TCP Query User{2369FE4B-887D-4A2E-B85D-280D3AE5D274}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex06.636\dragonpvpmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex06.636\dragonpvpmt2\mc.exe |
"TCP Query User{24B778EB-B0F4-4A38-853E-0EEA713A1928}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{26186FA7-9E66-4B57-B21A-108DB58E9B08}D:\metin2\metin2.bin" = protocol=6 | dir=in | app=d:\metin2\metin2.bin |
"TCP Query User{276C1EA2-4D35-4AF5-A62C-F37154C9167D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.157\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.157\pandoramt2\metin2.bin |
"TCP Query User{295F10E7-4013-4637-BAFB-9BAD45E2C0FA}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.583\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.583\powerczechmt2\mc.exe |
"TCP Query User{2A507FF7-E442-41D5-B3DB-476A354193A5}C:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin |
"TCP Query User{2B021E11-29D1-40E9-B399-52A14D745352}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.070\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.070\client\mc.exe |
"TCP Query User{2BAF45EC-1DF4-493B-9A16-EE00C1E4A3CF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.700\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.700\finalmt2\finalmt2.exe |
"TCP Query User{31BD7A7E-662D-409E-B32E-0C8FEBE990DA}C:\program files\swapper\swapper.exe" = protocol=6 | dir=in | app=c:\program files\swapper\swapper.exe |
"TCP Query User{337AEAAB-3F75-45F1-918D-890D24D2C0A2}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.737\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.737\finalmt2\finalmt2.exe |
"TCP Query User{33B89D15-3795-4AA6-8988-6816E4DDB24B}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex59.139\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex59.139\metin2spreme\mc.exe |
"TCP Query User{33EFF867-B056-4733-A8A3-D5C968E684AC}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{3463B560-903D-46BC-BE93-DC530DCBB7BD}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.968\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.968\finalmt2\finalmt2.exe |
"TCP Query User{37440215-D1EA-493C-A594-A12A73E90B01}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex26.288\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex26.288\powerczechmt2\mc.exe |
"TCP Query User{39165558-F40B-4B4E-9847-CDB96913AB6D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.159\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.159\powerczechmt2\mc.exe |
"TCP Query User{3980835E-FCDB-48AF-AE61-75E99E9D4607}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex04.947\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex04.947\metin2spreme\mc.exe |
"TCP Query User{40CC5BA5-6DBA-469B-A2D1-3FBE98FF6873}C:\program files\vietcong2\vc2ded.exe" = protocol=6 | dir=in | app=c:\program files\vietcong2\vc2ded.exe |
"TCP Query User{4B409B88-B43E-4EBF-A6C6-2D98E9ED6EA6}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.560\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.560\powerczechmt2\mc.exe |
"TCP Query User{4C0D2894-E4B7-4E81-AEF3-6F34A595BA9A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.521\playworld 3 2011 client\playworld3.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.521\playworld 3 2011 client\playworld3.exe |
"TCP Query User{4E88C112-76CC-492F-9BFD-47E3F103B5F1}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.383\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.383\finalmt2\finalmt2.exe |
"TCP Query User{4F438C44-131A-4AD9-B257-D57C6BD26CFD}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.333\celestial-world\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.333\celestial-world\metin2client.bin |
"TCP Query User{56BFB434-6DDD-49F7-967C-461C0C0D075D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex10.2085\playworld 3 2011 client\playworld3.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex10.2085\playworld 3 2011 client\playworld3.exe |
"TCP Query User{5A01C489-4BA5-4D99-8BDB-EACF7FCF4E7D}C:\program files\metin2united us\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2united us\metin2client.bin |
"TCP Query User{5A342666-8549-4DE9-A8FF-4B49D4A8C121}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5BCD3CEA-C612-49A2-AB59-6417023C49CA}C:\users\kopi-c.r.7\desktop\sindicatem2\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\client.bin |
"TCP Query User{5EA7A44B-DF4F-428F-B4B6-7EC9ADE644F7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.646\dragonpvpmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.646\dragonpvpmt2\mc.exe |
"TCP Query User{5EEFEDBB-9078-4D5D-AB7A-BF16ED72AFA6}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.766\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.766\vortex servers\vortexservers.exe |
"TCP Query User{60060E21-9A0C-43F3-8AB9-E124A048388C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.8403\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.8403\vortex servers\vortexservers.exe |
"TCP Query User{6381529A-14EF-4A5E-ADD4-CD5FCEA1D134}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.209\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.209\powerczechmt2\mc.exe |
"TCP Query User{6855BF0D-8928-417B-A5B3-4E1050E06606}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.748\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.748\vortex servers\vortexservers.exe |
"TCP Query User{69F9FB24-9BBA-4CB7-9CC1-E43D0263A40B}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex76.848\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex76.848\powerczechmt2\mc.exe |
"TCP Query User{6D6C3EE7-AFC6-4C04-970D-C4722E058A29}C:\program files\metin2united us\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2united us\metin2client.bin |
"TCP Query User{6EC9BFAD-38A1-45DF-B707-45C4F73EA448}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex27.520\celestial-world\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex27.520\celestial-world\metin2client.bin |
"TCP Query User{6FD46943-75F8-4596-8292-1E1419155CF1}C:\users\kopi-c.r.7\desktop\sindicate\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicate\client.bin |
"TCP Query User{70FF9197-3FD0-49F0-B418-6A87F0A55A62}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.988\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.988\powerczechmt2\mc.exe |
"TCP Query User{712206DC-3D26-47B4-9D56-AE946E1AB4BE}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.639\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.639\client\mc.exe |
"TCP Query User{73253657-1FD3-49FB-B6BE-934079148099}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.963\celestial-world\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.963\celestial-world\metin2client.bin |
"TCP Query User{73681AD1-0638-4F3E-91DF-3F17E7119DE7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.750\celestial-world\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.750\celestial-world\metin2client.bin |
"TCP Query User{73A72875-3ED3-4D97-B6A7-41E1B9325C46}C:\users\kopi-c.r.7\desktop\metin\mijagi-mt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\metin\mijagi-mt2.exe |
"TCP Query User{74B11EB5-30B7-4CAD-B95D-84ECC6604144}C:\users\kopi-c.r.7\desktop\vietcong2\space\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\space\client.bin |
"TCP Query User{74BC467E-0C64-4426-9761-1738A1AEA8F1}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"TCP Query User{74F33C0C-877C-4765-B1D6-79C564B4D2D6}C:\users\kopi-c.r.7\desktop\niki\samsung\npsasvr.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\samsung\npsasvr.exe |
"TCP Query User{788AA1E3-6C7C-44A6-9983-A2D7F9A7C53A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex43.792\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex43.792\powerczechmt2\mc.exe |
"TCP Query User{79FF150B-C9FE-4B04-8F1F-FB3289C1B9A4}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.614\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.614\finalmt2\finalmt2.exe |
"TCP Query User{7E3941B3-7153-4415-BC96-379206C0713E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.818\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.818\finalmt2\finalmt2.exe |
"TCP Query User{7EB498BB-B4FC-4242-A022-DC2A43CB1225}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex17.956\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex17.956\powerczechmt2\mc.exe |
"TCP Query User{80C04728-490B-4C6A-B693-D0782A8A4CC8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.025\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.025\finalmt2\finalmt2.exe |
"TCP Query User{80EFBB48-1CB4-473F-86BA-8A34E7AFC2FD}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.234\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.234\finalmt2\finalmt2.exe |
"TCP Query User{81AEBEC2-034D-4B7E-A551-97AB57A59DE1}C:\program files\vietcong2\vietcong2.exe" = protocol=6 | dir=in | app=c:\program files\vietcong2\vietcong2.exe |
"TCP Query User{834E05DF-325B-458A-A697-12E4C566454D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.236\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.236\powerczechmt2\mc.exe |
"TCP Query User{86F5AE83-8FBC-4986-BE55-7EFC59BCB17D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.971\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.971\vortex servers\vortexservers.exe |
"TCP Query User{8913F2B4-7E93-42D3-BC73-B3C6234D660A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.203\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.203\finalmt2\finalmt2.exe |
"TCP Query User{899CCD26-3553-4CE3-A333-80263A39CB88}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.958\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.958\finalmt2\finalmt2.exe |
"TCP Query User{8D2FDDC0-BF3F-49BB-93D8-A75D61F9416B}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.0852\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.0852\metin2spreme\mc.exe |
"TCP Query User{8E934635-0BDA-4DA6-A4A1-5D10F89D9255}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{90080A13-2915-4E7E-8CAC-01AA6F7960DF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.895\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.895\finalmt2\finalmt2.exe |
"TCP Query User{97CBF790-EECD-439F-9AD1-F8BE0C3E5AFF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.536\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.536\client\mc.exe |
"TCP Query User{9D30ECF2-1947-48BC-B9F7-F43FE9285BBC}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{A19EE41A-6443-4821-ACC6-7FC57D9B7A04}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.980\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.980\powerczechmt2\mc.exe |
"TCP Query User{A4282FB5-8A84-452C-85BB-38F88107EDD9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.980\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.980\vortex servers\vortexservers.exe |
"TCP Query User{A55AE75F-B7C5-44E7-89B8-6816BE5333B2}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.378\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.378\metin2spreme\mc.exe |
"TCP Query User{A74C5A05-569E-46AB-9760-200DAF00E0F4}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.889\dragonpvpmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.889\dragonpvpmt2\mc.exe |
"TCP Query User{A7AA2264-4CB9-4DE2-A69C-C8A02B6EC5B3}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex13.888\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex13.888\powerczechmt2\mc.exe |
"TCP Query User{AA7C6316-4074-4FD0-92E8-9B216E53E8EB}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{AF1FC975-FFE5-46E3-AB3D-4CC71FA7D038}C:\users\kopi-c.r.7\desktop\vietcong2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\metin2client.bin |
"TCP Query User{B02CF41C-9373-4B25-B386-0AF685C57BC8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.857\playworld 3 2011 client\playworld3.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.857\playworld 3 2011 client\playworld3.exe |
"TCP Query User{B4530407-C3F2-4A65-9774-0023400920D9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.036\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.036\client\mc.exe |
"TCP Query User{B74F27AB-D7C5-4FD5-AF95-347E39B66F10}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.664\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.664\finalmt2\finalmt2.exe |
"TCP Query User{B8AAFCF4-8E10-4DC5-B036-DA230BCA1DF6}C:\users\kopi-c.r.7\desktop\metin\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\metin\metin2client.bin |
"TCP Query User{C07E56F9-801E-4F6A-B329-13050A942F75}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.931\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.931\vortex servers\vortexservers.exe |
"TCP Query User{C1DE9F69-E728-4645-85A0-2C775DBAE2DB}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.021\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.021\powerczechmt2\mc.exe |
"TCP Query User{C1EE53A6-B356-489C-9D51-7C6A69A5BED7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.428\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.428\metin2spreme\mc.exe |
"TCP Query User{C3EEA0EF-45C3-44F3-92FC-1A43639F8879}C:\users\kopi-c.r.7\desktop\sindicatem2\sindicate\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\sindicate\client.bin |
"TCP Query User{C41F4EDC-D01D-467E-8359-1B04D9B8A8D0}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{C62E24D3-3DDF-4E1E-9E6B-593D98F99E18}C:\program files\quadcorem2\pack\core.bin" = protocol=6 | dir=in | app=c:\program files\quadcorem2\pack\core.bin |
"TCP Query User{CA40C3E1-496A-45A8-B266-01B43E3F9B42}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{D08C4374-AA13-446E-99BC-253D5052C9C3}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.643\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.643\powerczechmt2\mc.exe |
"TCP Query User{D1B17F65-A8EA-49F4-8F57-899E49BF94BA}C:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin |
"TCP Query User{D41BE187-E3DE-422B-ABEA-324691D9DB2A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.802\underworld - client\client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.802\underworld - client\client.bin |
"TCP Query User{D68519A2-7CCB-47E1-AE89-0929FDDACF52}C:\program files\vietcong2\vietcong2.exe" = protocol=6 | dir=in | app=c:\program files\vietcong2\vietcong2.exe |
"TCP Query User{DEDF4D0E-F1BE-45BE-8B6D-961F7B938838}C:\users\kopi-c.r.7\desktop\vietcong2\ovenclient\oven.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\ovenclient\oven.exe |
"TCP Query User{E0175650-CD85-4BFC-903E-FE3C2AC7929E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\client\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\client\mc.exe |
"TCP Query User{E1144305-3A9E-4C0B-94E0-3C8E57FE47F9}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"TCP Query User{E1EB1C3A-F875-45FE-8C78-39A5C39C23E8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex19.689\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex19.689\powerczechmt2\mc.exe |
"TCP Query User{E3214373-A0C4-4FA2-9467-F4AC71034862}C:\users\kopi-c.r.7\desktop\sindicatem2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\metin2client.bin |
"TCP Query User{E9BA3C05-087F-40C9-953E-919B1F7979DA}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.817\finalmt2\finalmt2.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.817\finalmt2\finalmt2.exe |
"TCP Query User{ECE26E07-056E-451C-BD11-4E3FF332F5CF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex24.522\vortex servers\vortexservers.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex24.522\vortex servers\vortexservers.exe |
"TCP Query User{ED3A9D11-20D5-45EF-82DF-45D438B18833}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.171\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.171\pandoramt2\metin2.bin |
"TCP Query User{F1758C77-1BEF-4A40-87B7-D6F71DC57CC4}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.815\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.815\metin2spreme\mc.exe |
"TCP Query User{F60B8018-8E1C-4828-96E8-94C023D995FA}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.702\metin2spreme\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.702\metin2spreme\mc.exe |
"TCP Query User{F787A122-8C27-4F2B-B008-B16F26443B2B}D:\metin2\metin2client.bin" = protocol=6 | dir=in | app=d:\metin2\metin2client.bin |
"TCP Query User{F9F86497-C6D1-4540-84DB-907A18D30DD9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.217\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.217\powerczechmt2\mc.exe |
"TCP Query User{FE4851C7-4767-4424-9D2D-F8F8F04C5F5C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.483\powerczechmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.483\powerczechmt2\mc.exe |
"TCP Query User{FF28B414-E9EB-4E4C-9C29-E709E566F8A9}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{03DEB891-AE9B-44CC-BD21-EECB9CDBBF88}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.614\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.614\finalmt2\finalmt2.exe |
"UDP Query User{04A0CBB5-8F4F-4541-B643-C65E0AD5E69A}C:\users\kopi-c.r.7\desktop\sindicatem2\sindicate\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\sindicate\client.bin |
"UDP Query User{05774883-9AF9-4391-9505-36556DE8B3D8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex06.636\dragonpvpmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex06.636\dragonpvpmt2\mc.exe |
"UDP Query User{05A38ADB-AB64-40E5-A4BF-25CD67CA5365}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex26.288\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex26.288\powerczechmt2\mc.exe |
"UDP Query User{06D707AC-BCF7-4367-872C-D55C4360E77F}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{0946C44A-435F-46B1-B5DE-3199403E3F82}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.536\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.536\client\mc.exe |
"UDP Query User{0BA4AA39-7177-4C82-8171-F503940363D7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.702\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.702\metin2spreme\mc.exe |
"UDP Query User{0D6449D2-3971-4BED-A0EF-CC10F12EA114}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.151\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.151\powerczechmt2\mc.exe |
"UDP Query User{0E62091D-9C02-4BFB-B43E-6436E45C1325}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{0EBAA7F9-CFDD-4D9A-8501-B91F61AE8B0F}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.021\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.021\powerczechmt2\mc.exe |
"UDP Query User{103500AF-BFB1-4CCF-8072-33D911C4A45E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.802\underworld - client\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.802\underworld - client\client.bin |
"UDP Query User{12EBA0CA-294F-4F87-BE7F-FCD966A1481C}C:\users\kopi-c.r.7\desktop\sindicatem2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\metin2client.bin |
"UDP Query User{13E28AB6-77A7-4C62-A3EB-0B44ECE0039D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.817\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.817\finalmt2\finalmt2.exe |
"UDP Query User{150F82E2-66AE-4A7A-8157-19D142C4D5D1}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.162\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.162\powerczechmt2\mc.exe |
"UDP Query User{16D22AE3-B7CF-4324-92BC-3394F3AFACE5}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{18A84560-E1B1-497F-AACE-58BB17017150}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"UDP Query User{194F854D-9494-4806-938A-CBEDBEFC4A14}C:\users\kopi-c.r.7\desktop\metin\mijagi-mt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\metin\mijagi-mt2.exe |
"UDP Query User{1ABBD848-0D9F-42BD-8781-02F4B72FA7BE}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.931\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.931\vortex servers\vortexservers.exe |
"UDP Query User{1B13E896-3626-4719-9FCF-9E411A3FF340}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.818\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.818\finalmt2\finalmt2.exe |
"UDP Query User{1BF1EAD6-49AC-460C-B1E4-C04788841EAF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.583\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.583\powerczechmt2\mc.exe |
"UDP Query User{1E3AB3AB-FF7B-41D2-9404-8F310EFF8752}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.428\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.428\metin2spreme\mc.exe |
"UDP Query User{1FD6AC25-5251-4D8D-931A-8ED332B420B1}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
"UDP Query User{242BFE47-3F76-4242-B680-A37EBAA3CEFF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.737\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.737\finalmt2\finalmt2.exe |
"UDP Query User{269B0A90-1526-4AC6-8A15-007F0C2AD23E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.639\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.639\client\mc.exe |
"UDP Query User{28D7628A-C2E8-4F66-980D-BC1003D25589}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{2C25688E-112E-46A7-B05D-E76DD58416E9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.963\celestial-world\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.963\celestial-world\metin2client.bin |
"UDP Query User{2D9FDD85-C4A0-4714-89AF-42CD169C24FC}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.253\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.253\finalmt2\finalmt2.exe |
"UDP Query User{3CAAA6AA-EEAE-43D3-AB95-22267B4AB17C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.988\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.988\powerczechmt2\mc.exe |
"UDP Query User{3D107B1D-D6A4-4113-92D9-35C756803730}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.430\underworld - client\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.430\underworld - client\client.bin |
"UDP Query User{401B0C3F-B0D9-4E3C-AAA4-409D596643A0}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex24.522\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex24.522\vortex servers\vortexservers.exe |
"UDP Query User{4A7F4957-B345-48AC-B96F-B30F281E806B}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.171\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.171\pandoramt2\metin2.bin |
"UDP Query User{4B5688F3-3D7E-4727-97F5-E3E7F954E409}C:\users\kopi-c.r.7\desktop\sindicatem2\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicatem2\client.bin |
"UDP Query User{4C8C447B-E9B7-4B2E-9498-52C5C38A9555}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.378\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.378\metin2spreme\mc.exe |
"UDP Query User{51500BC5-817E-4823-88F2-20F6FFDA50B5}C:\program files\vietcong2\vietcong2.exe" = protocol=17 | dir=in | app=c:\program files\vietcong2\vietcong2.exe |
"UDP Query User{51B003B3-33E7-40CB-9A51-05916DFDDFE2}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.700\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.700\finalmt2\finalmt2.exe |
"UDP Query User{5321835F-33A6-4309-A2BD-C6BB233DAD9C}C:\program files\vietcong2\vietcong2.exe" = protocol=17 | dir=in | app=c:\program files\vietcong2\vietcong2.exe |
"UDP Query User{55A483AE-3F39-4E78-AFF3-93214FBFCA15}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex17.956\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex17.956\powerczechmt2\mc.exe |
"UDP Query User{55CCBF01-602C-4DEB-ACF6-A7206F625A7F}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{591B142B-24BA-47C7-AFC1-19A5AAE91A1B}C:\program files\quadcorem2\pack\core.bin" = protocol=17 | dir=in | app=c:\program files\quadcorem2\pack\core.bin |
"UDP Query User{592325BC-F6C0-48EF-957F-35820A2836DD}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.103\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex03.103\powerczechmt2\mc.exe |
"UDP Query User{5BBEFAD5-DB1E-4C03-8C78-48D4A573A653}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex04.947\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex04.947\metin2spreme\mc.exe |
"UDP Query User{5D1740CD-837F-4305-8BD4-053B4D914D25}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex59.139\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex59.139\metin2spreme\mc.exe |
"UDP Query User{5ED3B74B-BBA3-4C21-9A5E-D8C4F2059B72}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
"UDP Query User{62814CC2-DDF8-471C-A9A7-99F661614E8F}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.722\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.722\powerczechmt2\mc.exe |
"UDP Query User{629CBC18-B6E5-4BC9-8E1B-992F8679970F}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.766\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.766\vortex servers\vortexservers.exe |
"UDP Query User{6828FF53-A231-4107-9A42-BE298EE2EC66}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex43.792\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex43.792\powerczechmt2\mc.exe |
"UDP Query User{6ADEEC92-9252-4BFF-9163-D21760E04F81}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.025\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.025\finalmt2\finalmt2.exe |
"UDP Query User{6C9F5E7B-9665-4950-A5C5-E97898901AB6}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\powerczechmt2\mc.exe |
"UDP Query User{6CC63862-142A-44D7-AD9D-2204A6388578}C:\program files\quadcorem2\pack\core.bin" = protocol=17 | dir=in | app=c:\program files\quadcorem2\pack\core.bin |
"UDP Query User{6EC5371A-4C49-4403-97BC-9C37CBD5129E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.815\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.815\metin2spreme\mc.exe |
"UDP Query User{6F8C6A25-8E53-4E3D-92BB-99D3FABCFABC}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{7105584D-3028-4F74-B1E7-990B75AFC5A5}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex19.689\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex19.689\powerczechmt2\mc.exe |
"UDP Query User{72A1DDB7-7FD1-4855-885D-D21C684767DA}C:\program files\swapper\swapper.exe" = protocol=17 | dir=in | app=c:\program files\swapper\swapper.exe |
"UDP Query User{738C7F35-729F-4958-A20D-94E0EEAC13E9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.052\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.052\powerczechmt2\mc.exe |
"UDP Query User{769B010B-917D-4DD8-BA7D-174A81D52808}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.971\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.971\vortex servers\vortexservers.exe |
"UDP Query User{791FE53C-AA90-4B67-8D3C-CD36C096D3F7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.895\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.895\finalmt2\finalmt2.exe |
"UDP Query User{7AFFD9D3-AC8D-4D7F-AD64-D21048F639D8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.265\client\mc.exe |
"UDP Query User{7B9F00A7-4BA4-4162-BA89-CF122529119A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex76.848\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex76.848\powerczechmt2\mc.exe |
"UDP Query User{806FF4AB-72CD-4865-ACDD-AD58DEEC0793}C:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin |
"UDP Query User{813B0902-1770-453D-9718-DC4EECC7EB6C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.980\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex12.980\powerczechmt2\mc.exe |
"UDP Query User{83FF7170-6BF1-448D-805C-58756661601C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.217\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex14.217\powerczechmt2\mc.exe |
"UDP Query User{841780B6-714A-4204-ADA6-86F7AD448FA0}C:\program files\metin2united us\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2united us\metin2client.bin |
"UDP Query User{84295E38-0C29-4CC9-B795-D3E9E093BA1D}C:\program files\metin2united us\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2united us\metin2client.bin |
"UDP Query User{847590BD-5B45-4DF2-9E6B-B0EC48828F3A}C:\users\kopi-c.r.7\desktop\vietcong2\ovenclient\oven.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\ovenclient\oven.exe |
"UDP Query User{8A1DB58C-A3F8-4FC1-A171-2EEFE1A808CC}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex88.453\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex88.453\finalmt2\finalmt2.exe |
"UDP Query User{8B3B0D62-2100-457C-A327-9BC319771E12}C:\users\kopi-c.r.7\desktop\vietcong2\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\finalmt2\finalmt2.exe |
"UDP Query User{8C7D3D56-AD05-48C0-8390-680F3FBC7C3E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.664\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.664\finalmt2\finalmt2.exe |
"UDP Query User{8F45A4BA-E40A-463F-9DC7-294272CE31FC}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.440\playworld 3 2011 client\playworld3.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.440\playworld 3 2011 client\playworld3.exe |
"UDP Query User{8FCB2605-0C81-4F3E-893B-D1804BC411B1}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex27.520\celestial-world\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex27.520\celestial-world\metin2client.bin |
"UDP Query User{95D985E2-7389-4CA0-B838-A151A66FA247}C:\users\kopi-c.r.7\desktop\sindicate\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\sindicate\client.bin |
"UDP Query User{9BE85568-F538-4712-8172-01FC2B62908C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.521\playworld 3 2011 client\playworld3.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.521\playworld 3 2011 client\playworld3.exe |
"UDP Query User{9DED2B0D-DFB1-49F8-8C61-4F5EB429CC35}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.857\playworld 3 2011 client\playworld3.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.857\playworld 3 2011 client\playworld3.exe |

[crash40]

"UDP Query User{A232F9BA-75BE-4DF8-829C-F6436D343998}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.958\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.958\finalmt2\finalmt2.exe |
"UDP Query User{A23B52D8-C645-4D29-9273-833FB2A40AE2}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.889\dragonpvpmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.889\dragonpvpmt2\mc.exe |
"UDP Query User{A3BE2D91-3A27-4EF4-962A-AA83B5FE9512}C:\users\kopi-c.r.7\desktop\c.r\metin2.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\c.r\metin2.bin |
"UDP Query User{A4B5E69E-B0B4-4C98-A25D-8639CAD8EAF9}D:\metin2\metin2.bin" = protocol=17 | dir=in | app=d:\metin2\metin2.bin |
"UDP Query User{A4F3A9E0-B523-45F7-8BBB-DD50679F4DF9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.750\celestial-world\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.750\celestial-world\metin2client.bin |
"UDP Query User{A7451DE5-A0B0-4DE4-B93C-D93E05813499}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.646\dragonpvpmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.646\dragonpvpmt2\mc.exe |
"UDP Query User{A7EC8D79-16E7-4283-A27D-0491E1B8CFD9}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.748\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.748\vortex servers\vortexservers.exe |
"UDP Query User{B3C47669-BBB4-4E52-B858-5B3FC39F8A68}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.070\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.070\client\mc.exe |
"UDP Query User{B665F8FE-6ED6-43BC-8D05-93977F0EE9DF}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex10.2085\playworld 3 2011 client\playworld3.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex10.2085\playworld 3 2011 client\playworld3.exe |
"UDP Query User{B771861B-DB5A-4DF7-8421-454ECC99AC25}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.0852\metin2spreme\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.0852\metin2spreme\mc.exe |
"UDP Query User{BAC45E03-F4AA-4ACA-90C6-A5795244F9C7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.560\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.560\powerczechmt2\mc.exe |
"UDP Query User{BB0195DF-E49E-4484-A7B0-4446B32CAF75}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.968\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.968\finalmt2\finalmt2.exe |
"UDP Query User{BCC14399-169F-4DB6-B5AD-FD71781DF70E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex48.780\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex48.780\client\mc.exe |
"UDP Query User{BD2D4708-64BF-4FD6-A83D-EC5A908AA13E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.878\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.878\finalmt2\finalmt2.exe |
"UDP Query User{BE8D2B4E-46A7-4C89-A828-0DA4CD761ED6}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.157\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.157\pandoramt2\metin2.bin |
"UDP Query User{C64345DE-CD57-492C-A84F-1B76E5020E39}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.234\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.234\finalmt2\finalmt2.exe |
"UDP Query User{C91893E7-F07A-4DAF-A2D2-DDC30E0FFAA4}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.643\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.643\powerczechmt2\mc.exe |
"UDP Query User{CAD73FC4-6402-498B-A307-5C24721300C5}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex13.888\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex13.888\powerczechmt2\mc.exe |
"UDP Query User{CE9924EF-0E3E-4979-BC84-DDE6E0097163}C:\users\kopi-c.r.7\desktop\metin\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\metin\metin2client.bin |
"UDP Query User{CE9FC74D-F3F2-4B89-A448-74EF507B5E8F}C:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\sindicate\client.bin |
"UDP Query User{D2193A7D-0624-4DFD-8755-332030B651C3}C:\users\kopi-c.r.7\desktop\vietcong2\space\client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\space\client.bin |
"UDP Query User{D392223C-FE28-4CD9-8C16-F941CAFCBD13}C:\program files\swapper\swapper.exe" = protocol=17 | dir=in | app=c:\program files\swapper\swapper.exe |
"UDP Query User{D3D124D2-F4A8-40D5-A044-2B83C23E046A}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.036\client\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.036\client\mc.exe |
"UDP Query User{D44B6FE6-7F57-4DE4-9DAB-40358232ABD8}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.236\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.236\powerczechmt2\mc.exe |
"UDP Query User{D7254953-A2C8-4DBA-B3D1-309AB2C46EBC}C:\users\kopi-c.r.7\desktop\niki\samsung\npsasvr.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\niki\samsung\npsasvr.exe |
"UDP Query User{D9435835-44AD-48BA-A203-68B3F0A0842D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.383\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.383\finalmt2\finalmt2.exe |
"UDP Query User{D9751B9F-BA1A-4E21-B98E-3EF47F750E7F}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{DACF679A-24FE-460C-9B35-05334F5E1FD7}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.980\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.980\vortex servers\vortexservers.exe |
"UDP Query User{DCD10872-B31E-4622-83E3-D44CBB94E019}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.8403\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex11.8403\vortex servers\vortexservers.exe |
"UDP Query User{DD37C78F-72B2-4C1A-AC41-42E3F028D6AE}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.839\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.839\finalmt2\finalmt2.exe |
"UDP Query User{DEB0E069-B1A8-4839-B53F-9C4B8656325E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.561\vortex servers\vortexservers.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.561\vortex servers\vortexservers.exe |
"UDP Query User{E24FC3AC-18FC-4DEC-8D11-D8D0201E51C1}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.333\celestial-world\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.333\celestial-world\metin2client.bin |
"UDP Query User{E26219CD-E19E-414B-BFCE-B6AF7110925E}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.816\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.816\finalmt2\finalmt2.exe |
"UDP Query User{E2E1AC69-F0A6-4FD4-B082-AA41F060F13C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.203\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.203\finalmt2\finalmt2.exe |
"UDP Query User{E3518350-3ED1-49AC-BE1F-5DCA1E8ABE47}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.483\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex45.483\powerczechmt2\mc.exe |
"UDP Query User{E40E9F17-36C0-4494-BFF9-F93FF6775112}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.209\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.209\powerczechmt2\mc.exe |
"UDP Query User{E5E7EF64-2EE2-4047-9C2C-F427D53B4CC1}C:\program files\vietcong2\vc2ded.exe" = protocol=17 | dir=in | app=c:\program files\vietcong2\vc2ded.exe |
"UDP Query User{E6037FEF-3497-4D9F-8B76-CA596A1528E1}D:\metin2\metin2client.bin" = protocol=17 | dir=in | app=d:\metin2\metin2client.bin |
"UDP Query User{E8F18048-7FB8-4956-ACD5-C8DEA38829B1}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.678\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex02.678\powerczechmt2\mc.exe |
"UDP Query User{EB427BBF-55AE-4BC4-BBFE-5480BD83507B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F02C7AF2-7962-43C1-8B05-541F5FC62575}C:\users\kopi-c.r.7\desktop\vietcong2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\desktop\vietcong2\metin2client.bin |
"UDP Query User{F307FF84-7881-4FE8-ACE7-7D785C72057C}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.159\powerczechmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex00.159\powerczechmt2\mc.exe |
"UDP Query User{FB1FCE59-5A91-43B0-AD9A-3AD5713FE32D}C:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.759\finalmt2\finalmt2.exe" = protocol=17 | dir=in | app=c:\users\kopi-c.r.7\appdata\local\temp\rar$ex01.759\finalmt2\finalmt2.exe |
"UDP Query User{FE4927E5-5531-4AB4-BB65-4209B17492C0}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{16CE845C-4A4D-4949-8A9F-90B32996BBB0}" = Starship Troopers Demo
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}" = HP JavaCard for HP ProtectTools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}" = HP ProtectTools Security Manager
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}" = Drive Encryption for HP ProtectTools
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A1410161-F615-4B91-A019-FA33833EF00D}" = BIOS Configuration for HP ProtectTools
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X - Czech
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"BitLord" = BitLord 1.1
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.60
"Game Booster_is1" = Game Booster
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Opera 11.52.1100" = Opera 11.52
"PDF Complete" = PDF Complete
"rajče.net_is1" = rajče verze 59 sestavení 230
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SpeedFan" = SpeedFan (remove only)
"Swapper" = Swapper (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Vietcong 2" = Vietcong 2

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[jaro3]

Odinstaluj:
McAfee Security Scan
eType Toolbar
RelevantKnowledge

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.autocompletepro.com/?si=7148&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.etypestart.com/?src=startpag ... .0-x86-SP1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.autocompletepro.com/?si=7148&bi=400
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
[2009.08.21 13:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Extensions
[2009.08.21 13:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.11.13 21:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopi-C.R.7\AppData\Roaming\mozilla\Firefox\Profiles\xcj13aiz.default\extensions
[2011.11.12 09:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.12 16:37:34 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
() (No name found) -- C:\USERS\KOPI-C.R.7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XCJ13AIZ.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI
O1 HOSTS File: ([2011.11.12 19:06:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (eType Toolbar Helper) - {7D9463CD-BBD8-42f4-AB72-D7B1191D9F3D} - C:\Program Files\eType Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (eType Toolbar) - {BDE58274-7A2A-4682-8C47-A379DD9E36CB} - C:\Program Files\eType Toolbar\Toolbar32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
[2011.11.16 06:54:36 | 000,644,626 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2011.11.16 06:54:36 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.11.16 06:54:36 | 000,137,892 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2011.11.16 06:54:36 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010.12.30 14:36:01 | 000,007,887 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\pcouffin.cat
[2010.12.30 14:36:01 | 000,001,144 | ---- | C] () -- C:\Users\Kopi-C.R.7\AppData\Roaming\pcouffin.inf
[2008.04.17 11:02:10 | 000,644,626 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2008.04.17 11:02:10 | 000,286,912 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2008.04.17 11:02:10 | 000,137,892 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2008.04.17 11:02:10 | 000,034,724 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2006.11.02 11:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\ProgramData\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\Program Files\McAfee Security Scan
C:\ComboFix
C:\32788R22FWJFW
C:\Program Files\eType Toolbar
[9 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
C:\windows\bthservsdp.dat
C:\Users\Kopi-C.R.7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Users\Kopi-C.R.7\Desktop\ComboFix – zástupce.lnk
C:\windows\C
C:\windows\_MSRSTRT.EXE
C:\ProgramData\ezsidmv.dat
C:\Users\Kopi-C.R.7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ipconfig /flushdns /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\windows\System32\autochk.exe
C:\windows\System32\lcppn21.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[crash40]

ja kdyz chci odinstalovat ten etypetoolbar tak to nejde v seznamu ho nevidim a seznamu ovladaci paneli/pridat odebrat programy

a kdyz chci ho smazat z disku tak to napise ze nemam opravneni.

a RelevantKnowledge tady nevidim.

[jaro3]

Tak proveď ten script v OTL , ten to smaže.

[crash40]

Kdyz dobeh ten otl scan tak je tam okno.toho scanu a pc se nechce restartovat. Mam ho restartovat natvrdo?