OTL Extras logfile created on: 2013-01-13 10:15:48 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,36% Memory free 4,00 Gb Paging File | 2,96 Gb Available in Paging File | 74,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 11,63 Gb Free Space | 7,80% Space Free | Partition Type: NTFS Drive D: | 119,74 Gb Total Space | 109,45 Gb Free Space | 91,41% Space Free | Partition Type: NTFS Drive J: | 0,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive K: | 29,30 Gb Total Space | 17,05 Gb Free Space | 58,22% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05252C3C-7BD7-4C90-BB61-3F753746C5DC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{05C54A70-2B3B-4905-B003-48F064889DA7}" = rport=139 | protocol=6 | dir=out | app=system | "{0BE9038D-E504-40BD-9C41-23F49B00D340}" = lport=139 | protocol=6 | dir=in | app=system | "{18071713-BD0B-4ACA-9A57-51F31A0D01ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{26A6D329-8A46-4B6D-AEDC-24F2D6390895}" = lport=59069 | protocol=6 | dir=in | name=pando media booster | "{274C42FB-F6CC-4CB1-8653-B1776C8E1E84}" = lport=138 | protocol=17 | dir=in | app=system | "{328D0C44-8A8B-4B96-9A85-A14D1FD62BAE}" = lport=59069 | protocol=17 | dir=in | name=pando media booster | "{3295C9D1-9B4F-48A1-BBA3-FED07ED5939F}" = lport=59069 | protocol=6 | dir=in | name=pando media booster | "{340431F7-7ADF-4D6C-AF8F-3F818FEBD67D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37A13C3F-604E-4CA8-A7AF-6D24F00F81FA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3DB98022-BEA2-4AE4-83DD-BDFDF0197793}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4C5FAF09-AC49-46EB-8778-87B6B600C217}" = lport=445 | protocol=6 | dir=in | app=system | "{530AFF4C-6C82-4803-8D09-5ABAFFA047EE}" = rport=10243 | protocol=6 | dir=out | app=system | "{5AE2F73E-40C6-4F45-9889-0B567CA6A1AF}" = lport=10243 | protocol=6 | dir=in | app=system | "{63DF5389-7115-489A-825D-3F4E61EA0192}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6FAB6BBE-3990-4665-8F3D-74F0BFCB1630}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{74ED629F-3F85-40BF-9977-33680BB52D80}" = rport=445 | protocol=6 | dir=out | app=system | "{7B699506-D7C7-4576-AEA0-F16CE21C75C7}" = lport=137 | protocol=17 | dir=in | app=system | "{7B7812F4-8397-415D-AEED-ADA73ED70978}" = rport=137 | protocol=17 | dir=out | app=system | "{7C70FF28-8D25-4245-B7A9-DC099D4538D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A6D3D210-923A-4AC2-89CD-ECF0D37B09CE}" = rport=138 | protocol=17 | dir=out | app=system | "{AAB9C871-44CB-4D57-A7B4-2FF9CBB6BCD5}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections | "{B1DEE264-CE01-42CC-B7B2-05F74FFD177C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E1A2F761-B7D8-4407-A9F7-466B6BCBBAC2}" = lport=2869 | protocol=6 | dir=in | app=system | "{F07AABA6-C4C7-4DB0-9356-3C2BDCC9AFC3}" = lport=59069 | protocol=17 | dir=in | name=pando media booster | "{F5DC017A-3A83-4AF0-9EB7-7506A2AFE992}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery | "{FD45D5DA-0E7D-4505-A586-2882D4296C9F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{011D8CF7-58BA-4C39-BCB0-1C1FA4DBA337}" = protocol=17 | dir=in | app=c:\program files\techland\symulator farmy 2013\iupdate.dll | "{05D44EAA-1D25-4E8F-A96D-2BCBD86EEA0C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{122EF4C5-0E90-430F-834C-67653F77967B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | "{129F29BD-5575-4F4D-930E-2D06B2CCA3DE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1A37A90E-FD39-4D9A-99D4-8BFA5D6D34EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1D519049-0C55-4228-813A-10BA578F7709}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "{26C47A9B-D128-4505-B278-57155BBF5920}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | "{2ECD09E9-5828-4BE7-A4D2-CFDD003BFFA3}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe | "{2FBD4C2D-E3BA-4D0D-AB6C-AA2B9090413A}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{2FFA1DA5-F94F-4B56-83A6-4C3DB1F6D7C5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{31C29D06-84A4-436C-AEDB-175A67862C0A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{322A5CD6-FAAF-4E9B-B16C-5530B914C499}" = protocol=6 | dir=in | app=c:\program files\techland\symulator farmy 2013\iupdate.dll | "{37D2A97B-7BB6-40E5-BD5C-61E4640D5A2F}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe | "{3C175A17-5D19-4343-B2EA-7BBE50DCBB3E}" = dir=in | app=en_conquer2.0_5611_p2p.exe | "{4006614B-848E-4042-BCEE-E7932BE0CAF3}" = protocol=17 | dir=in | app=c:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe | "{46952771-7B6B-47B1-9688-6DE13E363393}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{513B60E2-0C8D-4BE9-9068-3D54B144A842}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{53AADE75-624F-478B-BACC-CB805FFF779D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | "{559660AA-C847-4C46-BB71-3639782D13C9}" = protocol=17 | dir=in | app=k:\symulator farmy 2013\agrarsimulator2013.exe | "{568F99C1-C300-4827-86E5-DF4E3DD0C113}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe | "{5B11AC59-B8CE-4390-99DB-9DDE8195976A}" = protocol=17 | dir=in | app=c:\users\user\desktop\en_conquer2.0_5611_p2p.exe | "{5D22170C-FAA4-4F01-B030-E75690A55673}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5F4CE5AD-1CB9-4C64-9CB8-D9C29C5C0680}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{664595AA-1969-4E8A-B7DD-12A903BC7690}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe | "{66D44BBF-7785-414B-875C-B8768F4231E1}" = protocol=58 | dir=in | app=system | "{6AB98535-1D30-4693-A4BA-E485DF678415}" = dir=in | app=en_conquer2.0_5611_p2p.exe | "{70F5DEF9-4164-4EBF-9A30-2B3F00C3CD81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7722B4C4-3212-4558-9819-26B961B9C959}" = protocol=6 | dir=in | app=c:\program files\techland\symulator farmy 2013\agrarsimulator2013.dll | "{7AD2FDFE-D2E9-42E1-983A-9236480985C4}" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "{7B59A909-C8E5-4CC5-9B37-4BA1CB63F33A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8CED8476-B7BC-4AF0-ABD8-74FE25CA026F}" = protocol=6 | dir=in | app=k:\symulator farmy 2013\agrarsimulator2013.dll | "{91EE3238-C02E-49F7-8B13-12A58C48D969}" = protocol=6 | dir=out | app=system | "{951E72EF-0C91-4654-94FC-F1E26996C330}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe | "{96F253E1-99CD-4DBA-ACC2-8D2ABF3F5A1D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{9E2C0C4D-5670-4326-8B6E-6047568EF8F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A3531F8D-CF79-4178-B472-B9F5732724EB}" = protocol=6 | dir=in | app=c:\users\user\desktop\en_conquer2.0_5611_p2p.exe | "{A8B0A817-87B7-40A2-9948-526558061FF4}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{A9F7B0B1-7075-4647-AD4F-40BAFA761D8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AE48BBB2-737E-4273-B6D2-ACAB80A50AA2}" = protocol=6 | dir=in | app=c:\program files\techland\symulator farmy 2013\agrarsimulator2013.exe | "{AF100F81-DFDC-4021-BB1E-242AFA60C150}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{B50536D2-F885-4B5E-A104-4BCBF11533EC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | "{B50D3FC3-3D66-40F2-9208-5AFD7E687310}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B779197E-9A2E-4188-B7AF-32CC820ABD5A}" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "{B8F3E7CC-D461-4168-A39E-FB9C8613722D}" = protocol=6 | dir=in | app=k:\symulator farmy 2013\iupdate.dll | "{BC6F3F71-F34C-45C1-8617-30483B5DA668}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe | "{BCCC4460-86B6-4BDE-9A2F-1D81B1FC11AB}" = dir=in | app=c:\program files\smartftp client\smartftp.exe | "{BF5EE05F-65BE-4E0E-94F0-4B7A0059AD97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BF9212EA-CE82-4E0A-8811-81AA93259FFC}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "{C33AF957-A7D6-4D77-A477-A13C75AF4260}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "{CC9A32AC-C67E-4BEB-9BFA-B8243AA1C34C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D4DD61AF-0D89-493C-B61D-61CFB2CAD82F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D4EED3FD-4BE4-4EC2-8102-190F380E423E}" = protocol=6 | dir=in | app=k:\symulator farmy 2013\agrarsimulator2013.exe | "{D71857A7-76BC-4122-BD7C-B35C4A25077F}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "{E1C23D22-1851-4024-A4EC-FB082E7F2C40}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E3FF2DA4-9F62-41AE-BD47-6727A5E7EF7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E688D88D-4169-405F-A528-8D95CEF80EEE}" = protocol=17 | dir=in | app=c:\program files\techland\symulator farmy 2013\agrarsimulator2013.dll | "{EA59E162-19FE-4219-80AE-15F2828F609C}" = protocol=17 | dir=in | app=k:\symulator farmy 2013\agrarsimulator2013.dll | "{EFAFDF9C-8FCA-4628-AD21-0CE3B30CDA93}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe | "{F0619F76-DE0D-4359-8AE4-C698D0D8E829}" = dir=in | app=en_conquer2.0_5611_p2p.exe | "{F219A864-FEA5-4696-BD91-0011E2AE762A}" = protocol=6 | dir=in | app=c:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe | "{F7761525-CF19-40AB-815E-CFBF512CA77F}" = protocol=17 | dir=in | app=c:\program files\techland\symulator farmy 2013\agrarsimulator2013.exe | "{FBB8115A-453F-48D1-9B70-C8D98CB3F9C6}" = dir=in | app=en_conquer2.0_5611_p2p.exe | "{FC2854E2-F490-464F-AF5E-E6FBA4EF5028}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FE613E7F-3283-402D-BCF9-6192B5DF80FE}" = protocol=17 | dir=in | app=k:\symulator farmy 2013\iupdate.dll | "TCP Query User{04CC7A0A-165F-4DC2-9539-327CB00F8737}C:\users\user\desktop\virtualmt2 - kopia\[a]safir.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\virtualmt2 - kopia\[a]safir.exe | "TCP Query User{1FD7F3CD-84D4-45C3-9C65-9B9C0F5A0DCD}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe | "TCP Query User{30481B6C-6DC5-4F2F-9A4B-52D66A4AB06B}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{7AF40ED0-D276-443D-A039-B2FBB0F3FA5D}C:\users\user\desktop\en_conquer2.0_5611_p2p.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\en_conquer2.0_5611_p2p.exe | "TCP Query User{8D9BC782-70BB-4764-A7D1-1CF1E8C4F4F8}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{905667C5-22BC-4C7F-9991-7E904237A44F}C:\users\user\desktop\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=c:\users\user\desktop\pandoramt2\metin2.bin | "TCP Query User{977B4F41-2359-4B34-9D33-EE6A889B5531}C:\program files\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\stronghold crusader\stronghold crusader.exe | "TCP Query User{A427D8C2-401A-4799-8B53-18FE490604C8}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{CCB8EB8A-8C23-4DC3-93CA-2482215FC38D}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{D25519DC-CA36-435A-93B2-7B406717180F}C:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe | "TCP Query User{D4B67294-0D3B-494D-99AF-A7A861CA3221}C:\users\user\desktop\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe | "TCP Query User{E695E4BB-F1A9-40E2-8F3D-B29019D186FE}C:\program files\blackd proxy\tibia.exe" = protocol=6 | dir=in | app=c:\program files\blackd proxy\tibia.exe | "TCP Query User{FAB44A57-4662-4AF6-AC5B-05ECDFE94C99}C:\users\user\desktop\virtualmt2\virtualmt2 (bez patchera).exe" = protocol=6 | dir=in | app=c:\users\user\desktop\virtualmt2\virtualmt2 (bez patchera).exe | "TCP Query User{FBAC287D-1486-4B46-952E-2D26722974B9}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{054C169C-43B7-41CF-849E-B87CA4FFD7DA}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{055395B6-F7E5-4796-8D48-CAB05B66801C}C:\users\user\desktop\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=c:\users\user\desktop\pandoramt2\metin2.bin | "UDP Query User{0F7C7A6A-2198-42B2-8890-CDA5DBE74D29}C:\users\user\desktop\virtualmt2\virtualmt2 (bez patchera).exe" = protocol=17 | dir=in | app=c:\users\user\desktop\virtualmt2\virtualmt2 (bez patchera).exe | "UDP Query User{106524CD-0F48-489A-90FB-B1449722B5B7}C:\users\user\desktop\en_conquer2.0_5611_p2p.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\en_conquer2.0_5611_p2p.exe | "UDP Query User{3C9FE272-9300-4199-A221-A82525B52D62}C:\users\user\desktop\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe | "UDP Query User{3D31546A-5042-4527-9E97-0C9A3D03F325}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe | "UDP Query User{50B3C82F-6C5F-4A90-A717-D244D4032B73}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{55295AC3-6F82-48C9-91B6-387E2054CFDB}C:\program files\blackd proxy\tibia.exe" = protocol=17 | dir=in | app=c:\program files\blackd proxy\tibia.exe | "UDP Query User{640178FE-3225-443A-9834-8C1F8E60079A}C:\program files\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files\stronghold crusader\stronghold crusader.exe | "UDP Query User{73958297-393F-4B72-A935-820B87B6CAD6}C:\users\user\desktop\virtualmt2 - kopia\[a]safir.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\virtualmt2 - kopia\[a]safir.exe | "UDP Query User{C398620D-DAEA-4C2E-80CB-1B502F9A3CEC}C:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\metin2\virtualmt2 - kopia (2)\metin2.exe | "UDP Query User{C7661EB3-EEF6-4C67-8BEF-975DF96043E0}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{CBAE9741-544F-401E-BADA-B411DBBDCBE4}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{D7E5641D-E5B1-4BBC-9C8F-1B8CCE36ABBC}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{075009B9-9249-48CE-9E0B-53710B40D58A}_is1" = Lubelski OTS wersja 1.0 "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{153A108A-67C9-41ED-B81D-8CF699EBE8CB}_is1" = Pliki serwerowe by BR3ND [1.4.6] V1.0 wersja 1.0 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1" = World of Tanks "{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{2CA0BED6-1CBA-4BDD-8608-BC9D639EA0F3}" = Twierdza Krzyżowiec Extreme "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3832C490-C926-4B17-A940-E4CF5918D93D}" = SmartFTP Client "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FF7A41D-BDB7-4EF1-BA4D-19123FD653D3}_is1" = Aphelion Online "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{696C1C2D-A584-465B-B3F9-28532C1C755B}_is1" = Perihelion wersja 1.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller "{83E1DAF9-D7EF-4D01-9717-8D14B5F413A9}_is1" = Kpdo Team "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{95140000-00AF-0415-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CBEAEF3-C6BA-4F0F-8DC2-03B12BC8CF2F}" = Remere's Map Editor "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA97A34B-1AC9-4108-9AEB-8E1A5F5C44C7}_is1" = Symulator Farmy 2013 "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AF9DF4B7-5BDE-42F5-94EF-53311B55566B}" = Project IGI2 - Covert Strike "{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{DD367097-8632-42B2-9E68-44B897E59387}_is1" = RonOTS Client 8.70 "{DEDD4955-2517-48B1-87E6-0FBC0161D551}" = Atak na zamek "{E33DB440-A008-4928-8A4E-5FC5ADDED608}" = OpenOffice.org 2.4 "{F161A0DD-AAA9-4938-A741-ED491F77D034}" = TuneUp Utilities Language Pack (pl-PL) "{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer_is1" = ALLPlayer V5.X "Any Weblock_is1" = Any Weblock 1.1.0 "ASRock App Charger_is1" = ASRock App Charger v1.0.4 "ASRock IES_is1" = ASRock IES v2.0.69 "ASRock InstantBoot_is1" = ASRock InstantBoot v1.24 "ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.91 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0 "Cradle Of Rome" = Cradle Of Rome "DAEMON Tools Lite" = DAEMON Tools Lite "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Drakensang Online" = Drakensang Online "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52 "EasyBCD" = EasyBCD 2.1.2 "EdHTML v5.0" = EdHTML v5.0 "FeedDemon_is1" = FeedDemon "FileZilla Client" = FileZilla Client 3.5.3 "Fraps" = Fraps "Gadu-Gadu 10" = Gadu-Gadu 10 "GIMP-2_is1" = GIMP 2.8.0 "Google Chrome" = Google Chrome "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń "ipla" = ipla 2.3.5 "JDownloader" = JDownloader "LogMeIn Hamachi" = LogMeIn Hamachi "Metin2_is1" = Metin2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Notepad++" = Notepad++ "NSS" = Norton Security Scan "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Odlotowa farma" = Odlotowa farma "Opera 11.62.1347" = Opera 11.62 "PCSU-SL_is1" = Przyspiesz Komputer - Kompletna deinstalacja "Picasa 3" = Picasa 3 "PuTTY_is1" = PuTTY version 0.62 "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0 "Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1 "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Scratch" = Scratch "Sjboy_is1" = Sjboy Beta4 "SmartFTP Client 4.1 Setup Files" = SmartFTP Client 4.1 Setup Files (remove only) "SpeedyDrive" = Speedy Drive (remove only) "StmAdsl" = ADSL Modem "Stronghold Crusader" = Stronghold Crusader "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 7" = TeamViewer 7 "Tibia_is1" = Tibia 7.6 "TMIPC" = Tibia MULTI-ip changer "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Unlocker" = Unlocker 1.9.1 "Visual C++ 6.0 Standard Edition" = Microsoft Visual C++ 6.0 Standard Edition "WinRAR archiver" = WinRAR 4.10 (32-bit) "winscp3_is1" = WinSCP 5.1.2 "XFastUsb" = XFastUsb "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer "ZTE ZXDSL852" = ZTE ZXDSL852 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CNET TechTracker" = CNET TechTracker "NCsoft-CityOfHeroesEU" = City of Heroes "NCsoft-GuildWars" = Guild Wars "Pokemon Portal Game Client Installer 4.0" = Pokemon Portal Game Client Installer 4.0 "Power Loader" = Power Challenge Game Plugin "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-11 10:26:56 | Computer Name = User-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: sllauncher.exe, wersja: 5.1.10411.0, sygnatura czasowa: 0x4f8518c3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16915, sygnatura czasowa: 0x4ec49caf Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000c33bb Identyfikator procesu powodującego błąd: 0x4c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf0006d0e593a Ścieżka aplikacji powodującej błąd: C:\Program Files\Microsoft Silverlight\sllauncher.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: f3261768-5bfa-11e2-9940-002522f99238 [ Media Center Events ] Error - 2012-06-12 09:08:59 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 15:08:59 - Błąd podczas nawiązywania połączenia z Internetem. 15:08:59 - Nie można skontaktować się z serwerem.. Error - 2012-06-12 09:14:06 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 15:12:26 - Nie można pobrać pakietu MCESpotlight (Błąd: Upłynął limit czasu operacji) Error - 2012-06-12 09:15:52 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 15:15:46 - Nie można pobrać pakietu MCEClientUX (Błąd: Upłynął limit czasu operacji) Error - 2012-06-12 10:19:38 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 16:19:38 - Nie można pobrać pakietu Directory (Błąd: Upłynął limit czasu operacji) Error - 2012-06-12 10:24:48 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 16:24:48 - Nie można pobrać pakietu MCESpotlight (Błąd: Upłynął limit czasu operacji) Error - 2012-06-12 10:26:44 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 16:26:29 - Nie można pobrać pakietu MCEClientUX (Błąd: Upłynął limit czasu operacji) Error - 2012-07-08 05:43:41 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 11:43:41 - Błąd podczas nawiązywania połączenia z Internetem. 11:43:41 - Nie można skontaktować się z serwerem.. Error - 2012-07-08 05:43:53 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 11:43:47 - Błąd podczas nawiązywania połączenia z Internetem. 11:43:47 - Nie można skontaktować się z serwerem.. Error - 2012-07-16 04:29:59 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 10:29:59 - Błąd podczas nawiązywania połączenia z Internetem. 10:29:59 - Nie można skontaktować się z serwerem.. Error - 2012-07-16 04:30:08 | Computer Name = User-Komputer | Source = MCUpdate | ID = 0 Description = 10:30:04 - Błąd podczas nawiązywania połączenia z Internetem. 10:30:04 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa interfejsu magazynu sieciowego zależy od usługi NSI proxy service driver., której nie można uruchomić z powodu następującego błędu: %%31 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Stacja robocza zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc IP zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Otoka i aparat minireadresatora SMB zależy od usługi Podsystem buforowania przekierowywanych danych, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 1.x zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 2.0 zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-01-13 05:11:05 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Rozpoznawanie lokalizacji w sieci zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-01-13 05:11:06 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD AsrAppCharger aswRdr aswSnx aswSP aswTdi CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf Error - 2013-01-13 05:15:36 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7038 Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error - 2013-01-13 05:15:36 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 < End of report >