OTL Extras logfile created on: 2013-04-27 17:18:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Draco\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,91 Gb Total Physical Memory | 5,75 Gb Available Physical Memory | 72,73% Memory free 15,81 Gb Paging File | 13,36 Gb Available in Paging File | 84,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,14 Gb Total Space | 36,42 Gb Free Space | 30,57% Space Free | Partition Type: NTFS Computer Name: KRAWCOWO | User Name: Draco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00199333-C3DB-4273-AA1A-CF29E87CA536}" = lport=137 | protocol=17 | dir=in | app=system | "{005E1280-EFA1-43DD-ACC5-71B78D182BDB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{02C71A9B-9AE3-48FF-8E55-26E8643C271C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{038244B8-E5BE-47BE-8559-6A413F19C574}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{06F69419-5EA4-43C6-B9A1-D78AD1922FD0}" = rport=137 | protocol=17 | dir=out | app=system | "{0D18D80D-4D41-4A26-B1BB-278D3CA33191}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0FE94058-4F5D-4683-9135-272975C435FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{14375C61-CD42-48A8-B27E-C63B2259BC28}" = rport=10243 | protocol=6 | dir=out | app=system | "{1EC4AAC5-D91D-4340-8CF9-6B6FFE679C09}" = rport=139 | protocol=6 | dir=out | app=system | "{287B3A6E-2701-455A-A2DB-AF13E63DA1F8}" = lport=2869 | protocol=6 | dir=in | app=system | "{2CF4D1D6-9C61-457E-8023-9ACDE073B45D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{31F50493-5056-4474-BEA7-22E4C5AA1282}" = rport=445 | protocol=6 | dir=out | app=system | "{340845A4-724D-4320-B8C9-2496A0C016C7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{36127CB2-9EE3-4B61-B970-5C2F2F13EAA6}" = lport=57302 | protocol=6 | dir=in | name=pando media booster | "{4193C604-E857-4BF0-80B8-635B1D0696D9}" = lport=139 | protocol=6 | dir=in | app=system | "{47EB406E-3555-4563-8662-2E9B8E31A18A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4E7C6E48-FBF8-47B6-86B5-28391862D0DD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{860DB6FA-3C92-49D5-89E5-13814549F89A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{907575CE-B330-4515-A0E9-6F6C7DE5944A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{932E6A18-B08E-44B8-B2C9-806CAF015198}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{951FA73C-8BC1-4CA4-84B0-CE2AF458A41A}" = lport=57302 | protocol=17 | dir=in | name=pando media booster | "{9F08ACD6-C628-4D09-A5B9-AFF84D226F41}" = lport=57302 | protocol=6 | dir=in | name=pando media booster | "{B9C8B775-A949-4104-8A4B-638912D59B92}" = lport=445 | protocol=6 | dir=in | app=system | "{C0498C00-3569-4E79-8329-CAA2D7543C3C}" = lport=10243 | protocol=6 | dir=in | app=system | "{CB61AC54-8F7D-4905-932D-7D6105910146}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E6279ECF-0740-413F-8391-63294BC29B96}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{EDE1A515-0F75-49F9-994E-CD122E58095A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EE5CEDBF-C259-410F-A5AF-6136020F5735}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EEB04629-E5A1-400F-B688-56E45C4ED70B}" = rport=138 | protocol=17 | dir=out | app=system | "{F50C8BD5-D721-4547-BFAE-7F6CF9BC1C2C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F6742FDC-5E61-4A50-A6E2-E5970E69174E}" = lport=57302 | protocol=17 | dir=in | name=pando media booster | "{F6DA837B-E999-4805-B10A-16FF288B5476}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F737E062-746C-451B-9CB5-5000019BC3F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FA287EC6-4511-405A-A10F-6E348AA28625}" = lport=138 | protocol=17 | dir=in | app=system | "{FE8CBB4C-5A35-4936-9E1A-3F3088DF8F03}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{078085DE-8C25-44E6-BF56-5C7670C6AB4A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{11105586-B308-4A7F-A612-BF3FECAFDAF7}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe | "{19F57E27-6E8C-43E9-B5F6-31D25EBB4F7F}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{1A6D9CF8-62F6-4462-B0B7-6BD853DC554E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1B673C3E-9E5E-4859-BBA8-46DA6848B4E2}" = protocol=6 | dir=out | app=system | "{1E693E64-9D37-4230-9C0E-1B69B096786B}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{1EE4781C-F4AC-496A-A57B-6B2FE11CEFDF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{294CA41A-EEA0-4BAD-B44A-5E5148A5F1AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2AE5BD3D-FE89-4F5D-A6B2-FC42EAF2243B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2B0201DA-BE0A-4E12-BD02-40C9D54D3E03}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2B5168A9-FFFE-423E-AB81-BA4B5A381644}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{33DBBC65-D1E2-4B3D-8BAC-DB99F00B99A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4155CA54-BAF1-459B-9D44-24516C77F56B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5409EE3D-AAF7-4B54-A937-2EADC33FBCAD}" = protocol=17 | dir=in | app=c:\program files (x86)\army builder 3.4\armybuilder.exe | "{6745CC20-B660-439D-B270-47664D3A342F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6F1F6B93-83D9-4437-A53E-26A093B83C3A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{73FCB5A3-5CCF-4FE3-9EAC-1958E2B4F483}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{757B481C-1813-4FA6-B7C1-A69BA89E1808}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | "{781896FE-D31B-4052-B8FB-59581EEDE93F}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{7BC8315C-8E3C-4BF2-9A34-D705FCC30E87}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{80F6710A-BB7D-4A1B-94A7-39D81D73214A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{840ABF6E-DEA5-45B3-8E70-5358730DBA54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{84FADFFF-7A63-4F86-87F5-65B9904FF99F}" = protocol=6 | dir=in | app=c:\program files (x86)\army builder 3.4\armybuilder.exe | "{872ACE56-AFDA-4B5D-912D-7BB1C7F96664}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe | "{9400D365-AD2B-4689-AACA-EB57C655AA7C}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{94083941-0289-44CE-A2E4-587112F7F4D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{98622E68-FA7F-431D-AD90-67DD7A1F81FF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{991C5EEB-C6EB-45FD-8078-557A1EBF85B6}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | "{9F7C3F75-17F2-4258-B297-3F6B7F07F5D8}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{AC88C8E6-57E3-4115-8135-F6BA7540941B}" = protocol=17 | dir=in | app=c:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe | "{B1E85C5F-BE75-4045-96AB-3101B3B372D2}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{BA43EDBC-AB7F-458F-B415-884654AE192B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BC671EA0-C593-496A-B81B-856F9928BEB7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BD14F7FD-3ECF-4493-BC77-4BEFAB2F6C45}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C56009D6-6B91-4513-BA95-3407B575B31F}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{C70B6D52-6E15-44B5-BAFF-4B00911C3F4C}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{C7762B4C-957C-442B-813C-6CF0FEF68B84}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe | "{CA0DCC51-F383-4256-8D32-00E6D5F05EF9}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{CBC32F50-28CF-470D-AF61-D3FA56F62CEF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DC3A9EE2-C091-444F-ACD4-512E4AD7D27F}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{E7C491C0-7EFF-4A29-9849-18D5062B4F59}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | "{EACC67DF-4BC0-48C9-8447-E0579DFD06F1}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | "{F646B082-374C-465F-B24E-A0229732E9BA}" = protocol=6 | dir=in | app=c:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe | "{F89B6F20-170A-4599-8767-A1D24EE6E0DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FD26162A-069F-48FB-A070-9B82F4CDACF7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FF5ACAF9-02CA-4B95-9CC2-917E02486C80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{0669F0A1-B61E-4991-8B1E-3B62FF1BCB51}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{0FAC7A5E-6B35-4F34-B6E6-DBA2BB7C797B}C:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\4pk58wjl\digital-download[1].exe" = protocol=6 | dir=in | app=c:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\4pk58wjl\digital-download[1].exe | "TCP Query User{137786E6-73AE-4084-AD0D-491574E3E1E9}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | "TCP Query User{1DD0132C-29EE-4AEB-9F34-65982C76CCD4}C:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{41B67163-592A-4E33-BEC9-1184A52ECE4C}C:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\eacvf1py\digital-download[1].exe" = protocol=6 | dir=in | app=c:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\eacvf1py\digital-download[1].exe | "TCP Query User{47E77A75-50AC-4267-A3EE-C1E30A9AB203}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe | "TCP Query User{512114F7-5D4E-4C4F-8B78-9931E952B074}C:\program files (x86)\supermicro\ipmiview\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\supermicro\ipmiview\jre\bin\javaw.exe | "TCP Query User{7124358A-AFC1-4C51-9EF2-1966E7FABB77}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{7EE93DEA-B5DA-4FAA-8145-6DB1D5835D9F}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe | "TCP Query User{90FE271C-4A66-40C8-A22A-19566737ED03}C:\program files\opera x64\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | "TCP Query User{9391C55D-59C9-4F01-85D5-D0B2E4B22CC7}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{95EFD0EE-14D5-43E8-B8E0-AA5026303E84}C:\wamp\bin\apache\apache2.0.63\bin\apache.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.0.63\bin\apache.exe | "TCP Query User{A8569417-D239-42A4-9A27-01EE3F4C0966}C:\cygwin\bin\xwin.exe" = protocol=6 | dir=in | app=c:\cygwin\bin\xwin.exe | "TCP Query User{AD470D25-B8F7-4BCA-B813-749E929181B8}C:\wamp\bin\apache\apache2.2.14\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.14\bin\httpd.exe | "TCP Query User{B86FA360-6319-4AAC-9396-65F9AE337F8D}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | "TCP Query User{BD5A9017-207C-43E5-9C18-CC9AB6F11037}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{C1F9B413-4271-4575-B0AE-F84EBF500B05}C:\program files\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe | "TCP Query User{DB649C2B-3CB5-4B56-819A-B0D189F4B88F}C:\users\draco\desktop\d3\diablo iii.exe" = protocol=6 | dir=in | app=c:\users\draco\desktop\d3\diablo iii.exe | "TCP Query User{EC4AF030-E341-4052-8540-D99576E2C9D0}C:\windows\system32\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "TCP Query User{EF7A26F0-D3F0-4D62-B739-0D93F3ED8FFB}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "TCP Query User{FA0577E6-9F14-4CBB-98FF-B27E7623CCED}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{FB392431-033F-4401-95A3-31D7BB6F7B06}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe | "UDP Query User{033219F0-E0DB-4EB5-8D78-08DFB6BAE77A}C:\wamp\bin\apache\apache2.2.14\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.14\bin\httpd.exe | "UDP Query User{117480C4-AE8B-4B60-9237-BADEAEBDA007}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{143183AA-A316-4D14-BB1A-EB864D98C8E4}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe | "UDP Query User{1BBD5FE0-8068-4EF1-9F8D-7B609D2D0B9E}C:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\draco\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{3F01FD7E-6155-4DEB-A098-70600F6609EF}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe | "UDP Query User{5B682EF6-FC0D-49A3-9187-79D86F18804E}C:\windows\system32\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "UDP Query User{640416F3-AB55-463F-9AAA-D3E873B56886}C:\program files\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe | "UDP Query User{66C327E2-1CF9-4FBF-A4FA-5D6DC25649F4}C:\users\draco\desktop\d3\diablo iii.exe" = protocol=17 | dir=in | app=c:\users\draco\desktop\d3\diablo iii.exe | "UDP Query User{67ADAA6A-7D65-4922-BAB6-B1D005A49047}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | "UDP Query User{69539892-5C5F-45E4-97BC-496181478381}C:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\eacvf1py\digital-download[1].exe" = protocol=17 | dir=in | app=c:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\eacvf1py\digital-download[1].exe | "UDP Query User{6FE4498D-6356-45DD-8363-B625E99CCF44}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{8438294C-2065-43E6-AFAB-2E8B8346EEA9}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{9052CBD0-510D-43FA-83A5-4CB00724E8A6}C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe | "UDP Query User{90DEF74C-1AB5-44BD-9FCA-01710326BEAF}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{9396022F-0010-4CDB-AA2E-88D85A976C8E}C:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\4pk58wjl\digital-download[1].exe" = protocol=17 | dir=in | app=c:\users\draco\appdata\local\microsoft\windows\temporary internet files\content.ie5\4pk58wjl\digital-download[1].exe | "UDP Query User{A648DE5C-64D3-42A7-A24E-5190773D4712}C:\cygwin\bin\xwin.exe" = protocol=17 | dir=in | app=c:\cygwin\bin\xwin.exe | "UDP Query User{B700BB91-46FD-41A6-9A10-5596B0BDAB57}C:\program files\opera x64\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | "UDP Query User{D02E5F88-F5D4-4B47-9879-2DA74995FAF4}C:\wamp\bin\apache\apache2.0.63\bin\apache.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.0.63\bin\apache.exe | "UDP Query User{DFAF68D7-93A6-489F-AEFE-48CF7846820D}C:\program files (x86)\supermicro\ipmiview\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\supermicro\ipmiview\jre\bin\javaw.exe | "UDP Query User{F9A27B36-DAAC-4D32-A969-285E4C82F62F}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{FBE8B532-2A37-4A9E-876C-4C6F1CAAFB23}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe | "UDP Query User{FDF8915A-1C94-4AC6-B801-304520F7D3F8}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit) "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}" = Validity Sensors DDK "{5D214A60-8ED4-49BD-BFED-2D5FADBA7225}" = HP Deskjet 3510 series — podstawowe oprogramowanie urządzenia "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}" = DigitalPersona Fingerprint Software 5.20 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer "Bullzip PDF Printer_is1" = Bullzip PDF Printer 8.2.0.1406 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "nbi-nb-base-7.2.0.0.201207171143" = NetBeans IDE 7.2 "Notepad2" = Notepad2 (Notepad Replacement) "Opera 12.15.1748" = Opera 12.15 "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Dell Touchpad "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "WinRAR archiver" = WinRAR 4.11 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0ABBF310-94E4-4AE8-A6BD-10345A3F6439}" = Google Drive "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD "{43867B63-C464-4570-823D-D92DC08E3400}_is1" = Army Builder 3.4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2 "{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}" = TI USB3 Host Driver "{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Army Builder V2.2c" = Army Builder V2.2c "Audacity_is1" = Audacity 2.0.3 "Dell Webcam Central" = Dell Webcam Central "Fotosizer" = Fotosizer 1.37 "Git_is1" = Git version 1.7.11-preview20120710 "GzegzolkaXP_is1" = Gżegżółka XP 7.1.2.2 "Inkscape" = Inkscape 0.48.2 "InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}" = TI USB 3.0 Host Controller Driver "IPMIView" = IPMIView "LAME_is1" = LAME v3.99.3 (for Windows) "Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "PLAY ONLINE" = PLAY ONLINE "ProInst" = Intel PROSet Wireless "TeamSpeak 3 Client" = TeamSpeak 3 Client "WampServer 2_is1" = WampServer 2.0 "Warcraft III" = Warcraft III "WinPcapInst" = WinPcap 4.1.2 "Wireshark" = Wireshark 1.8.6 (64-bit) "Wubi" = Ubuntu [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-226322653-1066380926-2986763764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "GG" = GG "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-04-18 06:09:39 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-19 16:23:40 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-20 13:58:08 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-23 14:07:34 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-24 01:22:12 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-24 17:50:20 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-26 00:36:59 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-26 05:54:30 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-27 09:36:06 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = Error - 2013-04-27 09:53:45 | Computer Name = Krawcowo | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-01-13 08:45:47 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error - 2013-01-14 09:47:53 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-14 09:47:53 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-14 09:47:54 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error - 2013-01-15 05:17:09 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-15 05:17:09 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-15 05:17:10 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error - 2013-01-16 05:24:59 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-16 05:24:59 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-16 05:25:00 | Computer Name = Krawcowo | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom < End of report >