OTL Extras logfile created on: 2012-11-15 16:46:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 51,62% Memory free 7,16 Gb Paging File | 5,78 Gb Available in Paging File | 80,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 43,93 Gb Total Space | 4,19 Gb Free Space | 9,53% Space Free | Partition Type: NTFS Drive D: | 97,66 Gb Total Space | 69,56 Gb Free Space | 71,23% Space Free | Partition Type: NTFS Drive E: | 146,48 Gb Total Space | 129,39 Gb Free Space | 88,33% Space Free | Partition Type: NTFS Drive F: | 177,67 Gb Total Space | 169,17 Gb Free Space | 95,21% Space Free | Partition Type: NTFS Computer Name: MATEUSZ-PC | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-4031025185-515548669-1338716211-1000\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS "Client Server Runtime Process" = C:\Users\Mateusz\AppData\Roaming\csrss.exe -- () "Host-process Windows (Rundll32.exe)" = C:\Users\Mateusz\AppData\Roaming\csrss.exe -- () "Service Host Process for Windows" = C:\Users\Mateusz\AppData\Roaming\System32\svchost.exe -- () [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00AF5315-2BAA-4E85-9147-31EFF4FD5A82}" = rport=139 | protocol=6 | dir=out | app=system | "{0134DB51-76A4-4B71-A426-95A7AFDC1AA5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2180F336-BDFF-4942-A709-6F00619E22FE}" = lport=445 | protocol=6 | dir=in | app=system | "{28067754-2F09-4941-BB0B-486E767BBB7A}" = lport=137 | protocol=17 | dir=in | app=system | "{5A156EAC-E1D4-46D3-95BE-6D88CBFFF7FA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63ED108A-EB32-4789-8710-8CF2FAE465A7}" = rport=445 | protocol=6 | dir=out | app=system | "{7246B1C4-D7E3-48A1-A637-C270868E90C6}" = lport=138 | protocol=17 | dir=in | app=system | "{745703DD-F37D-4441-8101-8919CC2ED108}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{8C4912EC-D187-41C0-8A86-B467DDF28230}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9B4A96BD-225C-4D7F-ACE2-C390CE523BEE}" = lport=139 | protocol=6 | dir=in | app=system | "{9F24859A-52B9-4B04-A5A1-D4496E7EC8DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AFFD7EE1-C04C-483F-A77E-5A997CCE03BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B2C3B08F-039C-4472-AA84-914E05074A7D}" = rport=137 | protocol=17 | dir=out | app=system | "{B6A45B37-806D-4E3D-A94C-7257A89D12A1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{C12E830E-0042-49C3-8955-7F110BB3E1D2}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D2EFA16-DE93-4F81-B68C-23B4B35425B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{13B1F258-9F7C-4B65-ADEE-23A90B06D105}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1684AE00-CA51-49A7-BBA8-E8C8DF408647}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3A8BE7B1-2CD6-4F88-B470-C01034F0581E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{4AFA6971-2EA4-496F-81B8-27CA292DEE6D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4C1B200A-7D76-4557-AF4D-4992C7737A99}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5841F99C-5E94-4077-8EBE-99C4939F2ADD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{624844A2-E3C8-4413-8E5B-316933506426}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{84C70725-B7B7-457A-B7F0-653542EE4BB7}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{866EBCE1-37E5-41B3-B666-8B8DB9141D8C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{938CEB55-891F-40E6-BB80-27C7C2C46C8B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9FC3BD14-9C2E-4105-9135-8A4A85ED3C04}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A95AB58E-5D0A-4680-9C45-72429BBBDC1F}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{AC9A2866-7DE2-45D4-812C-5EB903E51D45}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{E8F00D84-889F-422F-94DE-595E22C55907}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{04EB4B98-CF53-4AF6-BEC2-04724C17616D}D:\met\metin2.bin" = protocol=6 | dir=in | app=d:\met\metin2.bin | "TCP Query User{0B791812-EC5A-4883-8FCF-2C0C061D5F85}D:\gry\yy - kopia - kopia\metin2.exe" = protocol=6 | dir=in | app=d:\gry\yy - kopia - kopia\metin2.exe | "TCP Query User{173807C1-7B87-4F2F-93D0-6455A26B540D}E:\nowycs\hl.exe" = protocol=6 | dir=in | app=e:\nowycs\hl.exe | "TCP Query User{17C3EC2C-66EB-440F-B819-10755BC23513}D:\dddddd\hl.exe" = protocol=6 | dir=in | app=d:\dddddd\hl.exe | "TCP Query User{1D263B74-D0C7-4B32-9AF7-C5F32A7830CD}C:\users\mateusz\desktop\dragon54\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\desktop\dragon54\metin2.bin | "TCP Query User{1FE1A771-4DBA-43D6-BA66-456C2A583FBF}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | "TCP Query User{21A26A5F-FCC1-46D8-A260-EE6CD496D703}E:\dddddddd\hl.exe" = protocol=6 | dir=in | app=e:\dddddddd\hl.exe | "TCP Query User{232254CF-82B9-4443-8F8F-68065A1A7D82}F:\zdjecia\yy - kopia\metin2.exe" = protocol=6 | dir=in | app=f:\zdjecia\yy - kopia\metin2.exe | "TCP Query User{265152DE-56C4-431C-BCBE-5D11E999EFAD}F:\dragon54\metin2.bin" = protocol=6 | dir=in | app=f:\dragon54\metin2.bin | "TCP Query User{284A41AA-19AF-493C-867C-17D501B34877}D:\ccs\hl.exe" = protocol=6 | dir=in | app=d:\ccs\hl.exe | "TCP Query User{28BF272B-E774-471D-8138-55CCA14CDFF7}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{338CCCBD-986D-418C-9F02-B1830302F0BF}E:\ceeees\hl.exe" = protocol=6 | dir=in | app=e:\ceeees\hl.exe | "TCP Query User{389E25CA-9FA7-41F5-BE3F-34CA83845FAB}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{3E0D0BB9-F6AF-46ED-AEA0-A2A879842949}F:\yy - kopia\metin2.exe" = protocol=6 | dir=in | app=f:\yy - kopia\metin2.exe | "TCP Query User{416817E0-7F5A-44C5-A69F-0DACA6BBDE18}C:\users\mateusz\desktop\metin2_pl\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\desktop\metin2_pl\metin2.bin | "TCP Query User{52022306-402A-423D-9275-4CA846DD33F8}C:\users\mateusz\downloads\divineworld\divine.exe" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\divineworld\divine.exe | "TCP Query User{5AA1749D-2758-4F8F-BDF9-5257FD51459B}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe | "TCP Query User{5D5DE157-3060-4DEE-B97E-8AC55565380E}C:\users\mateusz\desktop\dragon54\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\desktop\dragon54\metin2.bin | "TCP Query User{5E81389C-B0F8-4E20-9685-1D88F51BDF61}C:\users\mateusz\downloads\dragonmt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\dragonmt2\metin2.bin | "TCP Query User{641E86AB-736E-4080-A5EA-8EDF00672882}D:\met\metin2.exe" = protocol=6 | dir=in | app=d:\met\metin2.exe | "TCP Query User{687F34CA-43BA-4C8D-A707-CA3784791EBA}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{68E45412-45EB-488D-9429-EBA9FF5DCD2E}D:\gry\metin2\metin2client.bin" = protocol=6 | dir=in | app=d:\gry\metin2\metin2client.bin | "TCP Query User{6FA62BC8-ABD1-4966-97BE-BA06A53C1A6D}D:\ravia\game.exe" = protocol=6 | dir=in | app=d:\ravia\game.exe | "TCP Query User{779CA01D-19FD-4852-AE63-12B759E6DDC0}D:\gry\met\metin2client.bin" = protocol=6 | dir=in | app=d:\gry\met\metin2client.bin | "TCP Query User{90ABD81C-77FE-4E9C-A5BC-F03EC4384B8D}D:\gry\yy - kopia - kopia\metin2.bin" = protocol=6 | dir=in | app=d:\gry\yy - kopia - kopia\metin2.bin | "TCP Query User{9110FC8F-A25F-4F73-84FF-CA7BD06E8E6C}D:\gry\yy\metin2.bin" = protocol=6 | dir=in | app=d:\gry\yy\metin2.bin | "TCP Query User{91FD2E16-44CD-4032-B24D-2E6EEB0E2844}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{951B7327-AE47-41AF-A921-A0AB1BB6901F}D:\gry\yy\metin2.exe" = protocol=6 | dir=in | app=d:\gry\yy\metin2.exe | "TCP Query User{977960F3-FCC5-4BE7-A27E-61FD143BECDF}D:\gry\yy\metin2.exe" = protocol=6 | dir=in | app=d:\gry\yy\metin2.exe | "TCP Query User{9918AF81-E345-4C57-91E4-BF45C7DD2D47}E:\csss\hl.exe" = protocol=6 | dir=in | app=e:\csss\hl.exe | "TCP Query User{A3F16258-A0E5-43D1-AB33-4DE1590EF657}D:\gry\metin2_pl\metin2.bin" = protocol=6 | dir=in | app=d:\gry\metin2_pl\metin2.bin | "TCP Query User{A899D430-FFD6-4F88-AE57-4AC809FA3CDD}E:\csdziala\hl.exe" = protocol=6 | dir=in | app=e:\csdziala\hl.exe | "TCP Query User{A91EF850-B44C-4F20-8693-BC4D7E9CEC24}C:\users\mateusz\desktop\yy - kopia\metin2.exe" = protocol=6 | dir=in | app=c:\users\mateusz\desktop\yy - kopia\metin2.exe | "TCP Query User{AE49789A-43A3-4813-8571-5B0F2C848934}D:\met\metin2.exe" = protocol=6 | dir=in | app=d:\met\metin2.exe | "TCP Query User{AE97A037-FC61-42AE-A98E-D24D3100DCE4}D:\gry\yy - kopia\metin2.exe" = protocol=6 | dir=in | app=d:\gry\yy - kopia\metin2.exe | "TCP Query User{B322B411-E36C-4ED6-8431-E970D59259B2}E:\metin2\metin2client.bin" = protocol=6 | dir=in | app=e:\metin2\metin2client.bin | "TCP Query User{BDF915B7-BF8E-4272-A9CD-391D80B0908C}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{C14043E3-801E-4B98-A0CE-44A2EA14B3E2}E:\yy - kopia\metin2.exe" = protocol=6 | dir=in | app=e:\yy - kopia\metin2.exe | "TCP Query User{C4563F74-BFDC-4C7D-9B71-75E237716DCB}E:\heroes of might and magic iii - zlota edycja\heroes3.exe" = protocol=6 | dir=in | app=e:\heroes of might and magic iii - zlota edycja\heroes3.exe | "TCP Query User{CD1A1B48-EDEF-42F1-BD69-A829B3F7966A}D:\gry\metin2\metin2.bin" = protocol=6 | dir=in | app=d:\gry\metin2\metin2.bin | "TCP Query User{D2BAB152-3B2E-434F-B1D1-488B54F35121}D:\gry\yy\metin2.bin" = protocol=6 | dir=in | app=d:\gry\yy\metin2.bin | "TCP Query User{D91295BB-01E0-4D72-B72A-FE9927C0BF3F}E:\cs\hl.exe" = protocol=6 | dir=in | app=e:\cs\hl.exe | "TCP Query User{DA45B9DB-50DF-49F3-916A-0E9724AD2571}C:\users\mateusz\desktop\dragonmt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\desktop\dragonmt2\metin2.bin | "TCP Query User{DBA80759-5ACE-4DE3-B2B4-D0C711F87367}E:\yy - kopia\metin2client.bin" = protocol=6 | dir=in | app=e:\yy - kopia\metin2client.bin | "TCP Query User{E6008B3C-DA3E-4699-9D99-7233C0CFBC10}C:\users\mateusz\downloads\diamondmt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\diamondmt2\metin2.bin | "TCP Query User{F8613AB7-17BE-44EB-A242-4E3D9B1D6A31}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{FEB15E1C-0E1E-4754-9C7E-BE0D9A7FD88E}C:\users\mateusz\downloads\divineworld\metin2.bin" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\divineworld\metin2.bin | "UDP Query User{026418AD-9059-43BD-A5BD-554B94FE2943}D:\gry\yy - kopia - kopia\metin2.bin" = protocol=17 | dir=in | app=d:\gry\yy - kopia - kopia\metin2.bin | "UDP Query User{0271221C-660B-4B22-B874-92329A37BDF3}C:\users\mateusz\desktop\yy - kopia\metin2.exe" = protocol=17 | dir=in | app=c:\users\mateusz\desktop\yy - kopia\metin2.exe | "UDP Query User{0588045C-F303-4AF4-BDF1-98C01ED38DF6}D:\gry\yy - kopia\metin2.exe" = protocol=17 | dir=in | app=d:\gry\yy - kopia\metin2.exe | "UDP Query User{10A797DF-07FA-4FDA-9932-28339FF29E01}E:\csdziala\hl.exe" = protocol=17 | dir=in | app=e:\csdziala\hl.exe | "UDP Query User{13874E19-B04C-4E4C-AC6B-C4C203290DA0}E:\csss\hl.exe" = protocol=17 | dir=in | app=e:\csss\hl.exe | "UDP Query User{1DEF30E9-8B62-4D47-B9FF-7F8BA63B6CF2}D:\gry\yy\metin2.exe" = protocol=17 | dir=in | app=d:\gry\yy\metin2.exe | "UDP Query User{1E84EBCB-E770-4E82-8E7F-DADF718369F8}E:\yy - kopia\metin2.exe" = protocol=17 | dir=in | app=e:\yy - kopia\metin2.exe | "UDP Query User{27D9B41B-FD81-443E-B0F9-F249958FE76F}D:\gry\yy\metin2.exe" = protocol=17 | dir=in | app=d:\gry\yy\metin2.exe | "UDP Query User{2A6DD62E-6355-4606-9568-929439EC36EE}D:\gry\yy - kopia - kopia\metin2.exe" = protocol=17 | dir=in | app=d:\gry\yy - kopia - kopia\metin2.exe | "UDP Query User{31A768E4-FA42-4C8D-BE33-403072E459B2}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | "UDP Query User{37433E84-0EFE-4909-A434-95525C017120}E:\yy - kopia\metin2client.bin" = protocol=17 | dir=in | app=e:\yy - kopia\metin2client.bin | "UDP Query User{3A8F45C2-CDF6-4E17-83F7-55F3880E4676}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{413457D7-8FBA-4F06-A9A9-58FDDD0B3DE5}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe | "UDP Query User{41A03717-AEBE-4D05-B998-78334478C272}C:\users\mateusz\desktop\dragon54\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\desktop\dragon54\metin2.bin | "UDP Query User{464F2498-4999-43B5-9A82-8FC1073A3BC4}F:\yy - kopia\metin2.exe" = protocol=17 | dir=in | app=f:\yy - kopia\metin2.exe | "UDP Query User{56C57475-D11D-420D-ACC2-7D8D269029A3}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{5B00E5F1-E7DE-4A08-99CF-573C0060C413}E:\metin2\metin2client.bin" = protocol=17 | dir=in | app=e:\metin2\metin2client.bin | "UDP Query User{5C3667D7-8983-4F3A-86D1-818FEC4F2BEE}D:\gry\metin2\metin2.bin" = protocol=17 | dir=in | app=d:\gry\metin2\metin2.bin | "UDP Query User{63210FCE-6AC2-4B20-A90A-7428C7FBFD8B}C:\users\mateusz\downloads\diamondmt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\diamondmt2\metin2.bin | "UDP Query User{6ADB2BE1-B09C-4F0D-BDDC-B14AF148D303}E:\heroes of might and magic iii - zlota edycja\heroes3.exe" = protocol=17 | dir=in | app=e:\heroes of might and magic iii - zlota edycja\heroes3.exe | "UDP Query User{6C34E9F1-B5F2-459B-B53A-04F4ADAE6E10}D:\met\metin2.exe" = protocol=17 | dir=in | app=d:\met\metin2.exe | "UDP Query User{6E5DA331-2AE1-4AC0-B58B-FBD239F4722A}D:\gry\yy\metin2.bin" = protocol=17 | dir=in | app=d:\gry\yy\metin2.bin | "UDP Query User{7197559A-9CE7-4157-8AF7-578E59084870}D:\met\metin2.bin" = protocol=17 | dir=in | app=d:\met\metin2.bin | "UDP Query User{73E8363C-32AF-4B2F-9E09-6E4B497314A7}D:\ccs\hl.exe" = protocol=17 | dir=in | app=d:\ccs\hl.exe | "UDP Query User{7804A8B7-268E-4543-BA2E-D0F51A9D5E69}F:\dragon54\metin2.bin" = protocol=17 | dir=in | app=f:\dragon54\metin2.bin | "UDP Query User{7A303A9F-C419-4D04-9657-F809F2C33AA5}D:\ravia\game.exe" = protocol=17 | dir=in | app=d:\ravia\game.exe | "UDP Query User{7B3DB0CA-5C9F-43B3-9486-0445A5D3A144}F:\zdjecia\yy - kopia\metin2.exe" = protocol=17 | dir=in | app=f:\zdjecia\yy - kopia\metin2.exe | "UDP Query User{80B7EA40-09B5-498E-961F-C5F539B15514}D:\gry\yy\metin2.bin" = protocol=17 | dir=in | app=d:\gry\yy\metin2.bin | "UDP Query User{8ACD7B5A-D7C3-437D-9AF4-7BBFCE4088E5}C:\users\mateusz\downloads\dragonmt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\dragonmt2\metin2.bin | "UDP Query User{8BB2EB81-1501-4554-8E25-B8DC5FBA5CE9}E:\nowycs\hl.exe" = protocol=17 | dir=in | app=e:\nowycs\hl.exe | "UDP Query User{9118B907-65D4-43BF-8C93-EB7F97976759}C:\users\mateusz\desktop\dragon54\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\desktop\dragon54\metin2.bin | "UDP Query User{A069488F-910B-4897-A2E2-E2B858D6E3CC}C:\users\mateusz\downloads\divineworld\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\divineworld\metin2.bin | "UDP Query User{B0049C45-2276-4052-9C06-CDA8C87BE0C9}E:\cs\hl.exe" = protocol=17 | dir=in | app=e:\cs\hl.exe | "UDP Query User{B281B296-03AC-459A-9AF2-CCDA23C9BA05}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | "UDP Query User{BF9265F4-84A9-4E69-B343-EF683F64A7DD}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | "UDP Query User{C02A1A7D-57CD-45DE-A5A0-6F2A68773DF2}E:\ceeees\hl.exe" = protocol=17 | dir=in | app=e:\ceeees\hl.exe | "UDP Query User{C1D9F16A-3617-4BA0-8337-8883A3F4B2BD}E:\dddddddd\hl.exe" = protocol=17 | dir=in | app=e:\dddddddd\hl.exe | "UDP Query User{CABFF4AD-03C6-4596-9D20-FE9108EC7198}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{D1DB052A-6C82-4347-B0F4-3DCA465BEA82}C:\users\mateusz\desktop\dragonmt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\desktop\dragonmt2\metin2.bin | "UDP Query User{D4CA406B-797F-49E9-A05E-25B19332AA14}C:\users\mateusz\desktop\metin2_pl\metin2.bin" = protocol=17 | dir=in | app=c:\users\mateusz\desktop\metin2_pl\metin2.bin | "UDP Query User{D980C46A-B9F4-428B-AF3C-086AE34ECB29}D:\gry\metin2_pl\metin2.bin" = protocol=17 | dir=in | app=d:\gry\metin2_pl\metin2.bin | "UDP Query User{EACF98F6-609F-490C-BE0F-5267929998B8}D:\gry\met\metin2client.bin" = protocol=17 | dir=in | app=d:\gry\met\metin2client.bin | "UDP Query User{EC5C5A44-63BD-482B-8678-947F7597B731}D:\met\metin2.exe" = protocol=17 | dir=in | app=d:\met\metin2.exe | "UDP Query User{F863550C-059D-45EE-81C8-3607626664D7}C:\users\mateusz\downloads\divineworld\divine.exe" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\divineworld\divine.exe | "UDP Query User{F9685EA9-C638-499E-B157-E6103A6E4022}D:\dddddd\hl.exe" = protocol=17 | dir=in | app=d:\dddddd\hl.exe | "UDP Query User{F9847400-C79F-4B53-9127-E20751E95651}D:\gry\metin2\metin2client.bin" = protocol=17 | dir=in | app=d:\gry\metin2\metin2client.bin | "UDP Query User{FFBB7CFE-2A6F-450F-BBF4-95D3EFF84E0D}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam "{6BD5BAAF-44F0-4D9B-88E7-4D1C54E689AC}" = ESET NOD32 Antivirus "{6D4C79B1-2BFF-4AD2-AE11-90401F0B36F4}" = Iniemamocni "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.2 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Asus_LCD_ScreenSaver" = Asus_LCD_ScreenSaver "Brothersoft Toolbar" = Brothersoft Toolbar "Conexant AccessRunner ADSL" = Conexant AccessRunner ADSL "Counter-Strike 1.6" = Counter-Strike 1.6 "ENTERPRISE" = Produkt Microsoft Office Enterprise 2007 w wersji próbnej "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Heroes of Might and Magic III - Złota Edycja_is1" = Heroes of Might and Magic III - Złota Edycja "Metin2_is1" = Metin2 "mIRC" = mIRC "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NSS" = Norton Security Scan "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Ravia.eu" = Ravia.eu "VLC media player" = VLC media player 1.1.4 "WinRAR archiver" = Archiwizator WinRAR "ZTE ZXDSL852" = ZTE ZXDSL852 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-11-19 06:10:58 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0xf84, godzina rozpoczęcia aplikacji 0x01cca6a36aacde65. Error - 2011-11-21 12:30:33 | Computer Name = Mateusz-PC | Source = Application Hang | ID = 1002 Description = Program metin2client.bin w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 908 Godzina rozpoczęcia: 01cca86553cfd9e2 Godzina zakończenia: 5000 Error - 2011-11-21 12:31:01 | Computer Name = Mateusz-PC | Source = Application Hang | ID = 1002 Description = Program metin2client.bin w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 638 Godzina rozpoczęcia: 01cca85084328702 Godzina zakończenia: 2432 Error - 2011-11-21 12:31:09 | Computer Name = Mateusz-PC | Source = Application Hang | ID = 1002 Description = Program metin2client.bin w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: b60 Godzina rozpoczęcia: 01cca85c6ccd0842 Godzina zakończenia: 850 Error - 2011-11-23 09:52:30 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0xb80, godzina rozpoczęcia aplikacji 0x01cca9e71390109d. Error - 2011-11-23 10:01:59 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0x448, godzina rozpoczęcia aplikacji 0x01cca9e86574d3f6. Error - 2011-11-24 10:58:08 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0x2d8, godzina rozpoczęcia aplikacji 0x01ccaab960d4f1f1. Error - 2011-11-24 10:58:38 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0x664, godzina rozpoczęcia aplikacji 0x01ccaab97d1463f1. Error - 2011-11-24 10:59:14 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0x890, godzina rozpoczęcia aplikacji 0x01ccaab9917e1161. Error - 2011-11-25 10:45:41 | Computer Name = Mateusz-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd metin2.exe, wersja 0.0.0.0, sygnatura czasowa 0x4e408722, moduł powodujący błąd ntdll.dll, wersja 6.0.6000.16386, sygnatura czasowa 0x4549bdc9, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003b15f, identyfikator procesu 0xecc, godzina rozpoczęcia aplikacji 0x01ccab80d89467b2. [ System Events ] Error - 2012-11-15 11:26:21 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-11-15 11:26:21 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-11-15 11:30:05 | Computer Name = Mateusz-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:28:35 na 2012-11-15 było nieoczekiwane. Error - 2012-11-15 11:31:33 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2012-11-15 11:31:33 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-11-15 11:31:33 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-11-15 11:36:01 | Computer Name = Mateusz-PC | Source = DCOM | ID = 10010 Description = Error - 2012-11-15 11:38:54 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2012-11-15 11:38:54 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-11-15 11:38:54 | Computer Name = Mateusz-PC | Source = Service Control Manager | ID = 7026 Description = < End of report >