OTL Extras logfile created on: 2012-08-02 09:22:03 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Acer\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,99 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 77,30% Memory free 6,18 Gb Paging File | 5,74 Gb Available in Paging File | 92,93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,57 Gb Total Space | 19,47 Gb Free Space | 17,45% Space Free | Partition Type: NTFS Drive D: | 111,55 Gb Total Space | 22,81 Gb Free Space | 20,45% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Acer | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3524367830-1120645207-1804313674-1003\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "C:\Program Files\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{073D9037-3D77-48D8-8C38-B06FDF201ACB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{17351D44-5ABE-416D-90A8-B7147373D310}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{19694DE9-CA78-41A3-A67E-28E5714964A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1DBC500F-A03C-4A03-B37D-B41A5265C78E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{21E1D482-07F6-44BE-A382-BD408FE18851}" = rport=445 | protocol=6 | dir=out | app=system | "{2DCF352B-4CCA-4909-93A5-10BDC1BCE8AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37979793-5E5D-43FF-A207-4D6CFDA2D321}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{385128C7-5744-48D9-9433-2414FC590DE3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{3C1495E9-B086-4BF5-A21B-24EE6F9FE1AA}" = lport=10243 | protocol=6 | dir=in | app=system | "{4276BCDB-3656-47E3-AA5F-3EDD869B8A2D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{673C1A7F-9E98-4865-A716-EE465ABD1786}" = lport=138 | protocol=17 | dir=in | app=system | "{6D25654F-9E0D-4EB4-A7E7-9077A37B185D}" = lport=139 | protocol=6 | dir=in | app=system | "{70EAA9FC-DA48-47A0-A7AA-A0EE36516897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{71AC4DAC-0858-4EA6-8338-7DEC06EEDBAD}" = lport=137 | protocol=17 | dir=in | app=system | "{73C3984F-D849-40FA-8E2B-FA322FEE248A}" = lport=445 | protocol=6 | dir=in | app=system | "{7404DD46-768B-40A6-9266-0FD48D1B20F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8C1F0104-576E-4AE4-8E1B-E719CA362713}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{90B945E4-CAA5-48A4-9B75-A6C13A857E39}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{940464D2-ED04-45C8-896D-143BA4241D44}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B73461DB-E128-4437-A8F2-586A0D17BD15}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B8B54624-4E79-417F-A77A-090A11F18F8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BBEAF107-E6C0-4A60-ABBD-29983B7B5488}" = rport=138 | protocol=17 | dir=out | app=system | "{D4D76E79-6C2B-4C9D-9E6F-A3126B39C14E}" = rport=137 | protocol=17 | dir=out | app=system | "{E3DD4D37-BF08-454A-84F9-DEF1A8D61F89}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EBB54B83-825C-4264-9886-9576BE6C3CAF}" = lport=1434 | protocol=17 | dir=in | name=ms-sql browser udp 1434 | "{EC3F4540-69C8-4025-A520-00D7DF916EF9}" = rport=10243 | protocol=6 | dir=out | app=system | "{F8F8F26B-7A89-432A-8F9D-FAD9C513B274}" = rport=139 | protocol=6 | dir=out | app=system | "{FB318FF3-6356-448A-BFA5-23A0E0871E31}" = lport=5356 | protocol=6 | dir=in | name=ms-sql mssmlbiz tcp 5356 | "{FC423F99-764A-4A3E-B878-7283B4879A6F}" = lport=2869 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02954385-DEE1-40F4-8D6B-6656B8DA9C3E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{0C5DEE0A-F2F8-4365-9CE4-19CEA285CFD3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{10CCF1E9-58CC-4CC1-8DEE-64427A0D765E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{12D3EFDE-6555-4D68-8989-19FB8F1B14EF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{13135BD1-C5D7-40FC-9210-8CF3A3E6CA97}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{13EA7395-0B2B-4A52-ACF0-0E07751BE256}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1615228D-D2B1-40A4-9B50-43A78FD6D69E}" = protocol=6 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe | "{18074F0F-B43F-404D-A38E-16DF2AC21C7B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1861DEE7-8785-4919-A18D-B137226924ED}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1E6B2DD1-6115-434E-BBAF-5DDC92D2D8EA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{29EB6FBC-A402-44B9-9004-82A21F10ABC4}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{2ABC75E5-67E5-47BA-8CDA-60552E95BB1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{32878BC8-B59D-4EE7-8BBE-060A418BC5B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{34F4F15F-23CA-4C17-AE39-9BD9F951DAFC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{37AE9F20-E903-4EEC-A049-1E42C1B0E107}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3A61A4D0-DC6E-43BA-A0CC-2453EE04AC49}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3B68C3E0-0861-4433-9156-538BEA5C4927}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{413B303A-BC65-49A1-A336-267D7774DAC7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{475EF8A6-3822-4F78-9880-B17CAF9B06C6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{537F8CE9-3702-4087-A15F-3C60A2A11F4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5979D804-2430-43DB-A254-8B6C4010E0EB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{59D5C5A6-DEF9-4046-ACB3-B5F6A045CD15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{5EBD42B3-385B-43D1-9763-4DA6D89F4BB5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5FB745DF-F1CD-4E75-8E48-42FA17AE0904}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6CFDD72E-8B81-4D09-82BC-D72B08EE6149}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{7366D18E-405F-4FDD-AAB7-5157579F7894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7B9AC803-D0F3-4569-9F0E-F6CC300AC3F7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{89221F6C-F804-40AC-80FD-372214D31614}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8D43F00A-12FC-46FB-A5B3-22CC2F7C7E47}" = protocol=17 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe | "{93F5CC8E-09B8-45E8-9AAB-30B7A8A0C34C}" = protocol=6 | dir=out | app=system | "{9C33CA54-81F3-4761-9477-687EF20A1F50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9FE1DBB4-A8DB-4AEF-BF17-A5AEA9B50D99}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A7B33A2F-C588-49E1-B50F-6B70757E2449}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AE6A6D29-5816-4FF2-8D70-6E414029DF55}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B5AB63D8-CBC1-4C49-A4D7-B3FFD51994F5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{BCAFB740-947C-4905-B314-64207EDC4002}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{C0A5CE67-D695-4E69-8E36-43D84E0D0B04}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C4125772-21E0-4ED6-A154-59497A63CB20}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C78A4453-AC0A-41E9-B11A-D577D03E8B33}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CEF3636D-AD16-42D6-B4D7-C8A1CF953247}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D34B4C9B-8DBD-4ED4-9D58-936F07EC5B63}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D35195EC-6C2A-413F-B406-D64A27040685}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D572173B-4B7A-4171-BFA9-125B241962ED}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D9E9F743-3883-4D74-8BC2-6F5E9001C7EC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{DFC1A9AF-A182-43F4-9921-83FF4297023E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E9719DAE-EA6E-4928-8839-DD0722A7962D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F6FA67D3-DE84-4DF2-911E-FB7FF1A574F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F706D800-511A-4E82-8595-008438D762F0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FEF2D3C1-843C-4D91-9C70-F2933F3C9947}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{11F8F789-4AB1-4541-94EE-FFCA6DAFDABE}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{13BE5118-F05A-4554-8856-19AA5FEE8432}C:\users\acer\desktop\deluxe\game.exe" = protocol=6 | dir=in | app=c:\users\acer\desktop\deluxe\game.exe | "TCP Query User{233125C9-4056-4297-963F-FF0DF71D97B0}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe | "TCP Query User{2427F17D-7D05-4846-BF25-8DAFF856B852}C:\users\acer\appdata\local\temp\eprintsetup\eprintsetup.exe" = protocol=6 | dir=in | app=c:\users\acer\appdata\local\temp\eprintsetup\eprintsetup.exe | "TCP Query User{30FC30EF-BA77-4DCB-8583-73F561BBDCD1}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{37B803C0-28EC-4F5C-B78C-BED9FFE8C676}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{3C666A0B-3924-4E9E-B30E-7575609FCA27}C:\program files\return to castle wolfenstein\wolfmp.exe" = protocol=6 | dir=in | app=c:\program files\return to castle wolfenstein\wolfmp.exe | "TCP Query User{48FC0610-13D4-474E-A82D-95263D041F79}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{7F98DB81-40F9-4057-8E8F-EE75438CD911}C:\program files\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe | "TCP Query User{81779BA6-8CE6-4D36-BC74-E625E1546E19}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{8450FFAF-3224-4C90-A352-D8E1A3665126}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{850C273A-FB2F-4EC0-9E70-B3737D352310}D:\joyvi\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\joyvi\stronghold crusader.exe | "TCP Query User{873A56DC-21EC-4B62-8BC6-8D9791CF410B}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=6 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | "TCP Query User{8F997687-2DCA-4FE9-A491-6AFF20A6C3AB}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{A4560B8E-12B5-4B48-834B-4FF90A86C66D}C:\program files\foxit software\pdf editor\pdfedit.exe" = protocol=6 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe | "TCP Query User{A6894BE2-8C1F-4105-BB21-1FB8E9C094CD}C:\program files\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | "TCP Query User{AF29436B-1AF9-44CC-9591-61325E703E3B}C:\users\acer\desktop\deluxe\game.exe" = protocol=6 | dir=in | app=c:\users\acer\desktop\deluxe\game.exe | "TCP Query User{B96F26EF-23C1-476E-BC25-4F8B73892DFF}G:\hot spot\deluxe\game.exe" = protocol=6 | dir=in | app=g:\hot spot\deluxe\game.exe | "TCP Query User{C70B15AF-4AA5-4A79-9FD0-45233F79FC83}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{C8FCCF99-A4FF-4A8D-902E-CD308853F893}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{F835B16D-7300-4855-9A9D-C218A0CD336D}C:\program files\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe | "TCP Query User{FB3501EC-A139-4F02-850D-7375A1CD3B88}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{FF06984E-37D4-4F2C-81A1-C40C1569546E}C:\program files\infogrames\carnivores cityscape\bin\main.exe" = protocol=6 | dir=in | app=c:\program files\infogrames\carnivores cityscape\bin\main.exe | "TCP Query User{FF382B8C-9607-42BE-A078-85CFADBD2888}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{02DBE99F-1549-4676-B8F6-01C45FF429F9}C:\users\acer\desktop\deluxe\game.exe" = protocol=17 | dir=in | app=c:\users\acer\desktop\deluxe\game.exe | "UDP Query User{06BDF678-C46B-4D15-AB7B-C03B6F24BABD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{1123447C-9449-4035-9BEF-14563FB14B82}G:\hot spot\deluxe\game.exe" = protocol=17 | dir=in | app=g:\hot spot\deluxe\game.exe | "UDP Query User{15F7DA8E-0B82-4EDA-92AA-C4825B0FBA33}C:\program files\infogrames\carnivores cityscape\bin\main.exe" = protocol=17 | dir=in | app=c:\program files\infogrames\carnivores cityscape\bin\main.exe | "UDP Query User{1AD1D85F-2A61-487E-BE62-B11403CC9E96}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{2936A173-2C4C-4393-9301-21C46A5842DC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{2BBC4866-01C7-44F9-86E0-EA8F8E8E39EE}D:\joyvi\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\joyvi\stronghold crusader.exe | "UDP Query User{3506ACA6-44A3-4F91-B54C-C21F097C845F}C:\program files\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe | "UDP Query User{4C141757-2211-46C4-B55A-E12E6EF6393E}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{5D7F61AF-A061-4752-8D48-38B3B3EF0BDA}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{84F63873-4FD0-4C71-BDED-899EBBB99B3A}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{85086B98-30F2-497E-9A9A-A43CBBE7DD42}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{8586C9CC-2E1A-4273-AE8A-E15A8878F917}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{8B58EA84-119B-4589-B539-150C8680A8F1}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe | "UDP Query User{98DB24FE-CABA-474A-8683-1601E1714E39}C:\program files\return to castle wolfenstein\wolfmp.exe" = protocol=17 | dir=in | app=c:\program files\return to castle wolfenstein\wolfmp.exe | "UDP Query User{A440C093-AF91-4058-A47B-F8B5E9B57800}C:\program files\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe | "UDP Query User{AEC1ECF7-CFA1-4656-BC28-C7EA42D6C1D3}C:\users\acer\desktop\deluxe\game.exe" = protocol=17 | dir=in | app=c:\users\acer\desktop\deluxe\game.exe | "UDP Query User{BA2E2C6C-C9A9-4635-8A84-096CE2BDFAEB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{C3C33F2A-8E3F-43EF-872D-46152A264F03}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=17 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | "UDP Query User{CA86F743-53C0-47B7-8E87-CB1D42675B8E}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{D8822137-43B5-425D-9B43-74EFE88C3173}C:\users\acer\appdata\local\temp\eprintsetup\eprintsetup.exe" = protocol=17 | dir=in | app=c:\users\acer\appdata\local\temp\eprintsetup\eprintsetup.exe | "UDP Query User{DC3A5824-AFA2-432E-965A-3B7F459292DA}C:\program files\foxit software\pdf editor\pdfedit.exe" = protocol=17 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe | "UDP Query User{E8DC6E1C-8E48-42EF-A549-C18E1C7D81DF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{EDD8477A-284E-4476-916C-CF2A94C110AD}C:\program files\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer "{06F8CD93-C722-45E9-A9A4-F48F78E39E84}" = hppFaxUtilityCM1410 "{0AA4761C-CAE1-485D-8609-D8AF4B916F43}" = Reksio - Miasto Sekretów "{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}" = HP LJ CM1410 MFP Series HP Scan "{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT "{22FE3793-5961-4ADE-AE66-69D9291C22B1}" = HPLaserJetHelp_LearnCenter "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 29 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2F29B6C0-85C0-4B18-8FA7-2AF76535CEAA}" = Reksio i Skarb Piratów "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{36B8063D-93B7-424C-8AAF-BEEFB70FB207}" = AZBoxEdit "{3AC26580-A695-4134-84AE-5121B3AAE545}" = Readiris Pro 12 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EAD64E4-C25F-4745-BE52-4BBF61643ACB}" = Doradca uaktualnienia systemu Windows Vista "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer Crystal Eye webcam "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{564EC8D7-0BF0-4EFB-82AD-A71B44876BB2}_is1" = DVBViewer Pro 3.9.4.0 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "{6FB8DD0C-6AAD-4596-A293-165060209F34}" = Carnivores Cityscape "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage "{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92F91A05-8241-4651-B9F4-9D04EE1F2634}" = hppSendFaxCM1410 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9FA7A537-E6F6-4A6E-95B9-E4152756132D}" = hppCM1410LaserJetService "{A091A144-49C2-431D-A7FC-89BC43F274BB}" = Reksio i Skarb Piratów "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AABE44D1-0B72-4C6B-9778-20B2317F8064}" = hpzTLBXFX "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management "{C49F8E1C-0BAE-4836-A670-AE76BA32BE90}" = ChomikBox "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management "{D31E6192-5790-4AB4-852B-1153205AE653}_is1" = Polski VAG 4.9 "{D608C59B-424B-45D4-971C-5978F8564CEE}" = hppLaserJetService "{D9C3127C-B6F5-4D01-908D-C62DD8036E74}" = AZBoxEdit "{DA5576B5-EF2A-4E3A-8763-FCA8BA84DA00}" = hppTLBXFXCM1410 "{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam "{E5EA877B-61DE-4118-B285-5A6963D9C7AC}" = target "{E7044E25-3038-4A76-9064-344AC038043E}" = Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{E8706A0A-D596-4ef8-B924-2D69BD75D95E}" = Doradca uaktualnienia systemu Windows 7 "{EA561335-6495-47DE-A7A0-CD4ED101D4F6}" = CAM Wizard "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller "{FFD7B2D9-AC9D-468C-83A2-21017A811623}" = hppFaxDrvCM1410 "2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Pakiet sterowników systemu Windows - FTDI CDM Driver Package (02/17/2009 2.04.16) "4U WMA MP3 Converter_is1" = 4U WMA MP3 Converter 6.3.6 "51A4D522DD31538335EF5736F0E7F588C70BCB12" = Pakiet sterowników systemu Windows - FTDI CDM Driver Package (02/17/2009 2.04.16) "6D07236E1D2F8479C88537ED0B7EB5D15ABBF7D5" = Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (11/16/2007 6.0.2.0) "Acer Assist" = Acer Assist "Acer Registration" = Acer Registration "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer V3.5.6.3_is1" = ALLPlayer V3.X "ALLPlayer_is1" = ALLPlayer V4.X "asterisk key" = Asterisk Key 10.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "blueconnect" = blueconnect "Browsers Protector" = Browsers Protector "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2 "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "Crusaders Of Space" = Crusaders Of Space "CrystalDiskInfo_is1" = CrystalDiskInfo 4.6.2a "DAEMON Tools Lite" = DAEMON Tools Lite "Dinosaur Battles(TM)" = Dinosaur Battles(TM) "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX Setup "DjVu" = Lizardtech DjVu Control (autoinstall) "DVD Decrypter" = DVD Decrypter (Remove Only) "Elf Bowling The Last Insult_is1" = Elf Bowling The Last Insult "Foxit PDF Editor" = Foxit PDF Editor "GridVista" = Acer GridVista "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7 "InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "InstallShield_{6FB8DD0C-6AAD-4596-A293-165060209F34}" = Carnivores Cityscape "InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers. "JDownloader" = JDownloader "JuniperSetupClient Activex Control" = Juniper Networks Setup Client Activex Control "LManager" = Launch Manager "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3 Knife_is1" = Mp3 Knife 3.2 "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "Nero8Lite_is1" = Nero 8 Lite 8.1.1.4 "NSP_2011_is1" = NSP 2011 2.0.4 "PLAY ONLINE" = PLAY ONLINE "RealAlt_is1" = Real Alternative 1.9.0 Lite "RealPlayer 6.0" = RealPlayer "RealVNC_is1" = VNC Free Edition 4.1.3 "Reksio_Czarodzieje_Polish" = Reksio i Czarodzieje "Reksio_Ufo" = Reksio i Ufo "smartmontools" = smartmontools "SMS" = SMS (remove only) "SnadBoy's Revelation v2" = SnadBoy's Revelation v2 "Super Kulki_is1" = Super Kulki "SynTPDeinstKey" = Synaptics Pointing Device Driver "TomTom HOME" = TomTom HOME 2.8.4.2596 "Totalcmd" = Total Commander (Remove or Repair) "TVersity Codec Pack" = TVersity Codec Pack 1.4 "TVersity Media Server" = TVersity Media Server 1.9.3 "uTorrent" = µTorrent "WinRAR archiver" = Archiwizator WinRAR "Wizard Land" = Wizard Land "WorldUnlock Codes Calculator" = WorldUnlock Codes Calculator "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3524367830-1120645207-1804313674-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "b6b3fbf00a8e87a4" = CERTO H "GG" = GG "Google Chrome" = Google Chrome "JuniperSetupClient" = Juniper Networks Setup Client [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-06 04:09:08 | Computer Name = Laptop | Source = WinMgmt | ID = 10 Description = Error - 2011-06-08 09:27:41 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:29:45 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:29:59 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:34:52 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:34:57 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:37:37 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 09:37:37 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 10:21:41 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = Error - 2011-06-08 10:21:41 | Computer Name = Laptop | Source = Windows Search Service | ID = 3013 Description = [ System Events ] Error - 2012-08-02 02:50:58 | Computer Name = Laptop | Source = sptd | ID = 262148 Description = Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error - 2012-08-02 02:51:43 | Computer Name = Laptop | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 18:58:37 na 2012-08-01 było nieoczekiwane. Error - 2012-08-02 02:52:07 | Computer Name = Laptop | Source = DCOM | ID = 10005 Description = Error - 2012-08-02 02:52:18 | Computer Name = Laptop | Source = DCOM | ID = 10005 Description = Error - 2012-08-02 02:52:20 | Computer Name = Laptop | Source = DCOM | ID = 10005 Description = Error - 2012-08-02 02:52:27 | Computer Name = Laptop | Source = DCOM | ID = 10005 Description = Error - 2012-08-02 02:52:28 | Computer Name = Laptop | Source = DCOM | ID = 10005 Description = Error - 2012-08-02 02:52:56 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-02 02:52:56 | Computer Name = Laptop | Source = Service Control Manager | ID = 7026 Description = Error - 2012-08-02 02:53:53 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = < End of report >