OTL Extras logfile created on: 2012-08-16 17:43:58 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\tom\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1.75 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 76.86% Memory free 3.73 Gb Paging File | 3.49 Gb Available in Paging File | 93.53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 60.01 Gb Total Space | 15.99 Gb Free Space | 26.65% Space Free | Partition Type: NTFS Drive D: | 87.04 Gb Total Space | 85.20 Gb Free Space | 97.90% Space Free | Partition Type: NTFS Computer Name: TOMEK-PC | User Name: Tomek | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AFD8582-2FDF-4D23-9698-D13993EE81C4}" = lport=50000 | protocol=6 | dir=in | name=arcavir communicationport (a) | "{0D0BD5B2-634F-4981-9D30-5576E0620758}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{1BB93BD2-F3C7-4B25-A91A-BD2E44019C62}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{36B58BC5-1E4C-4285-ABD5-04A07CEC99CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{44CCD99A-0B8B-411E-8CF9-5AD265F02B10}" = lport=138 | protocol=17 | dir=in | app=system | "{462AEB5D-E9BF-4AD5-9198-D353F4AA416C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4E33D3B7-58CC-4F6E-A621-F48E1F78E647}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{53CA284D-D7E7-4438-A9AA-B47EBBE0BE75}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5536B380-DECA-4CB6-B1FF-C4FC2CD87FA6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{563754F0-1532-4766-A300-2BF086FA9A48}" = lport=2869 | protocol=6 | dir=in | app=system | "{5C128552-B567-4D5E-8119-48F0664E8CCF}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5C6E913A-122F-470E-8F67-CC009F1B9A79}" = lport=10243 | protocol=6 | dir=in | app=system | "{6D2E7244-EA77-42C6-BF9C-2A11EAAB6FED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{736395BB-D915-4FFF-B48B-4EC5C946551F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{7C9FE340-7CA6-4CEF-8D7A-B598ED084578}" = lport=137 | protocol=17 | dir=in | app=system | "{8770F4A6-38BC-4052-B032-4515760FDDE0}" = rport=139 | protocol=6 | dir=out | app=system | "{8EE1F420-9B35-4F30-BA9C-D0FA873CF613}" = lport=445 | protocol=6 | dir=in | app=system | "{90AF4EA9-60FF-41D7-9B22-4E01726117FC}" = rport=445 | protocol=6 | dir=out | app=system | "{96EBEDB1-5636-4F51-9980-7C0B7A2DB10D}" = rport=137 | protocol=17 | dir=out | app=system | "{997FC067-755B-4BC9-884A-CE4949D973AB}" = lport=50001 | protocol=6 | dir=in | name=arcavir communicationport (s) | "{B223E246-C69C-423A-8CA6-2120E35A9F9F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{C48C1EF5-ED8E-44F5-AAAD-90A5BC2D7A63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C781D975-12FD-40C2-A6D2-C1D784DA6282}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CCAA5CBF-74D1-4AE2-B0EB-C94714277BA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D07163EB-BD8B-4010-8FEC-C49D8388A73B}" = rport=138 | protocol=17 | dir=out | app=system | "{DB8A73D5-366A-4E59-B806-7DD960424030}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DDAF567B-2290-433E-9D45-8C99BC76D202}" = lport=139 | protocol=6 | dir=in | app=system | "{DEC4BBCD-11C3-4B6F-AF43-CF8E781B6C55}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EC31EAB4-DE1A-4002-81E7-771CD0F96F11}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ECE04859-CDC8-477D-BD23-E57F5C16B58B}" = rport=10243 | protocol=6 | dir=out | app=system | "{EDD6AA1F-FD53-47D1-9C1C-D48A2CA3ED4E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F3E7438E-95A9-4859-A5DF-C00876D796CC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{FC88044E-E954-425D-935B-F53868E81CAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05807DA9-8607-49C1-8B0C-218EA40EA509}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05CD3EFB-61A3-4D89-BE83-2AC1606117AB}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{08459FA8-0714-4F33-B179-4E20B3F82EC3}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{0952F55B-AE5C-4193-A323-01BEF1584BE8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{25C042C3-B4F6-4BD5-8136-875A6352C0C5}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{25FCB18C-9922-4896-A506-DECE3D6AF848}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2C11E8C6-9B34-46DB-8F84-F262D5FB322D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{3895D3F0-FC75-49ED-8A5B-7D653B05646D}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{404BFD89-680C-495F-B4BA-097A47BB70B1}" = protocol=17 | dir=in | app=d:\nowy folder\dragonnetwork.exe | "{47AEBB83-1F87-45FB-AF06-080A74F72B63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4EF5FA95-7A68-4D36-86C5-43CA951B277D}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{551A5496-7891-4A77-8EC7-A971D7C8A5FA}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{57E2A315-77C5-4454-89B9-5E30782F760F}" = protocol=6 | dir=out | app=system | "{6047D3D0-E7BB-4772-AA6E-5C3B71E4FA7F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{665C2745-E2E9-4C0F-B5AB-E16E92AC6B0D}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{66EE5299-2DCA-4AB3-8DB7-56B50CC6A18B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{69DC81E6-B4C4-45D5-8E9D-EE1C62C054D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{73032C99-4CDC-44AC-A515-0ED3D1EF7A69}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{80D23B71-30B9-46D4-8336-5A93EF3DA2D1}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{84BE61A9-EE82-4BFB-A93B-8D42919DA2C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8B7F947F-1C44-4A47-A370-9ABF243DE68C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{92735084-C528-4B9D-A0CF-83C7491EC03D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9C30F158-61EC-4F0A-811D-308E3E965B6E}" = protocol=6 | dir=in | app=d:\nowy folder\dragonnetwork.exe | "{A0EF74F9-1780-4B4E-9786-8B5E6EDE0E08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A3B5516E-28B4-48A0-A04E-5F2F1023AB0A}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{A874F3FE-3621-4918-96BE-C53CDDF9E4B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B65CE264-8E48-4ADE-BE91-AB65095F1089}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BA32E2DA-55B1-406C-B3E1-0BD0359FD610}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BBE4AE5C-0701-4778-9EDC-17969D380560}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{CA430BEB-D301-4334-BFA7-CCC86AA151CA}" = protocol=6 | dir=in | app=c:\users\tom\downloads\sweetimsetup.exe | "{CCD1F952-53FC-4256-AF7E-68A1AA994655}" = protocol=17 | dir=in | app=c:\users\tom\downloads\sweetimsetup.exe | "{DB2C573C-20EF-4FA3-A065-3B2AADEE331C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{E410F8C5-EE00-4AB7-8613-5615F0245116}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{E4A9C319-63BA-4D16-8688-4EE716383DE1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E56F88D1-DA33-496A-BE2F-1FEB4F5715D5}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{EFC664C4-59F2-48B3-B62B-87E6946693AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{02CF950F-7AB5-40B7-A09A-77F7ADC260E8}C:\program files\valve\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\valve\counter-strike source\hl2.exe | "TCP Query User{07FBC77E-FFFE-4B01-987A-2C4CF47C5FAE}D:\gry\metin2\locmt2_steel.exe" = protocol=6 | dir=in | app=d:\gry\metin2\locmt2_steel.exe | "TCP Query User{08B44D1B-EAFF-431B-B2FB-B01A983CE340}D:\gry\metin2\privmt2.exe" = protocol=6 | dir=in | app=d:\gry\metin2\privmt2.exe | "TCP Query User{095C798F-87A5-4225-9ED7-D8A62CBB080E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{0D836745-F263-4414-B2FB-D301FC561092}D:\gry\metin2\klient_xenoxmt2\xenoxmt2launcher.exe" = protocol=6 | dir=in | app=d:\gry\metin2\klient_xenoxmt2\xenoxmt2launcher.exe | "TCP Query User{1103BB2A-77CE-4ABB-8908-4C1413EB3A4F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{1F910EDF-2164-4EC9-8942-CEA5EF7852B9}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{24653072-D0C1-4260-841A-4770AA951B2F}D:\gry\metin2\wilczekmt2.exe" = protocol=6 | dir=in | app=d:\gry\metin2\wilczekmt2.exe | "TCP Query User{250BD793-1DCC-43BF-A232-91261FCC3302}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{2B129ED5-641D-42A9-8A65-F9CC77EAC94A}C:\users\tomek\appdata\local\temp\rar$ex01.374\counterstrike2d.exe" = protocol=6 | dir=in | app=c:\users\tomek\appdata\local\temp\rar$ex01.374\counterstrike2d.exe | "TCP Query User{325B4EED-CB1B-4C0B-B9A8-DEC74DFB639E}C:\users\tomek\appdata\local\virtualstore\program files\newlongju\metin2.bin" = protocol=6 | dir=in | app=c:\users\tomek\appdata\local\virtualstore\program files\newlongju\metin2.bin | "TCP Query User{4DD186FE-F024-4E52-940F-AC20899B2DC5}C:\program files\tlen7\tlen7.exe" = protocol=6 | dir=in | app=c:\program files\tlen7\tlen7.exe | "TCP Query User{512A39F4-460E-4231-BFB1-BB7FD4A47FDB}C:\program files\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu\gg.exe | "TCP Query User{55984B2C-E1AB-46BB-A47B-C18C5EB48CB7}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{671E91BE-52B1-416B-921D-514442B7B5ED}D:\gry\nowy folder\metin2\szakalmt2.exe" = protocol=6 | dir=in | app=d:\gry\nowy folder\metin2\szakalmt2.exe | "TCP Query User{6974A2E6-FB13-4ACE-B876-72EE2BD50121}D:\gry\hl.exe" = protocol=6 | dir=in | app=d:\gry\hl.exe | "TCP Query User{6BDCDD79-1CD1-4E57-ADA1-EE6B5C85B703}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{75AE7483-1675-4A4D-A9E3-7D840F3AABFB}D:\gry\metin2\mt2pol [up-emiospl].exe" = protocol=6 | dir=in | app=d:\gry\metin2\mt2pol [up-emiospl].exe | "TCP Query User{76AFB8C7-A6D2-44AB-BAB3-37FFB017284A}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{7CC88ACF-BAEA-4E2C-8512-47783AB4CFA4}D:\gry\metin2\metin2.exe" = protocol=6 | dir=in | app=d:\gry\metin2\metin2.exe | "TCP Query User{83735039-2A19-4FD4-A2C6-B16E9FAA99EE}D:\gry\metin2\newbeginingmt2_by_wlodek.exe" = protocol=6 | dir=in | app=d:\gry\metin2\newbeginingmt2_by_wlodek.exe | "TCP Query User{8D09686F-276E-4AB6-A0AA-F16D85F02BAA}D:\program files\my audio video\downloaded media\god\god.exe" = protocol=6 | dir=in | app=d:\program files\my audio video\downloaded media\god\god.exe | "TCP Query User{903BA096-EDA5-4A0F-8835-F3D2A833BCC2}C:\users\tomek\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\tomek\program files\dna\btdna.exe | "TCP Query User{A340291E-B62B-493B-A818-F5D19D3DC2D2}D:\program files\bearshare\bearshare.exe" = protocol=6 | dir=in | app=d:\program files\bearshare\bearshare.exe | "TCP Query User{A5D35E18-73F5-4C24-8114-DE3BCBE36F77}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe | "TCP Query User{B46B6F4D-1977-49CD-98E5-BC5FC154BC57}D:\gry\metin2\szakalmt2.exe" = protocol=6 | dir=in | app=d:\gry\metin2\szakalmt2.exe | "TCP Query User{C3943218-2144-40A9-ACFB-8625620DE70E}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{C75F21F8-03C8-47B6-9492-9D7AE50B13CD}C:\program files\naruto_naiteki_kensei r1\hl.exe" = protocol=6 | dir=in | app=c:\program files\naruto_naiteki_kensei r1\hl.exe | "TCP Query User{D50F9BAE-D000-4485-BD20-9EFD83EB36D0}D:\gry\metin2\smt2.exe" = protocol=6 | dir=in | app=d:\gry\metin2\smt2.exe | "TCP Query User{E5608939-2BFA-4917-AD52-207A67787E43}D:\gry\metin2\xdd.exe" = protocol=6 | dir=in | app=d:\gry\metin2\xdd.exe | "TCP Query User{E6FF7E77-F5FF-450E-8241-5229CDBF423F}D:\gry\nowy folder (2)\hl.exe" = protocol=6 | dir=in | app=d:\gry\nowy folder (2)\hl.exe | "TCP Query User{E709AA4E-41F3-48BA-9C40-B72CD62B8D1A}D:\gry\metin2\metin2.bin" = protocol=6 | dir=in | app=d:\gry\metin2\metin2.bin | "TCP Query User{ED9D69F1-F7C5-4FBE-B459-5A26D4BAD8A3}D:\gry\hlds.exe" = protocol=6 | dir=in | app=d:\gry\hlds.exe | "TCP Query User{EFB995B0-9487-47BD-84D1-8077764C0BDC}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "TCP Query User{F76BDB67-05EE-440A-AC6C-4A379AE9B2EA}D:\gry\metin2\mc.exe" = protocol=6 | dir=in | app=d:\gry\metin2\mc.exe | "TCP Query User{F90CCE9C-6F7D-469E-850D-EBFB3E326D9A}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "UDP Query User{00DB9C8F-2FA2-4FF0-8914-E6FC8BCCE3BE}D:\gry\hl.exe" = protocol=17 | dir=in | app=d:\gry\hl.exe | "UDP Query User{0283CB47-3711-4F00-8E0B-33C22F30280A}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "UDP Query User{0B7619B6-E266-4CBC-82F1-284C9846F578}D:\gry\metin2\xdd.exe" = protocol=17 | dir=in | app=d:\gry\metin2\xdd.exe | "UDP Query User{103814E6-5F55-413F-BEAA-59968F09721C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{13A5E376-FDDA-437B-96F9-64F2F129C1E7}D:\gry\metin2\newbeginingmt2_by_wlodek.exe" = protocol=17 | dir=in | app=d:\gry\metin2\newbeginingmt2_by_wlodek.exe | "UDP Query User{1D20414F-FDD5-45C8-9280-362C911D0BC0}C:\users\tomek\appdata\local\virtualstore\program files\newlongju\metin2.bin" = protocol=17 | dir=in | app=c:\users\tomek\appdata\local\virtualstore\program files\newlongju\metin2.bin | "UDP Query User{1DEC1259-3DFA-44FE-ACB0-61C392B4BCD8}D:\gry\metin2\mt2pol [up-emiospl].exe" = protocol=17 | dir=in | app=d:\gry\metin2\mt2pol [up-emiospl].exe | "UDP Query User{2282DF7D-1DE3-4113-9999-2216681EC11E}D:\gry\metin2\privmt2.exe" = protocol=17 | dir=in | app=d:\gry\metin2\privmt2.exe | "UDP Query User{2437D7C2-5BAA-4247-AC69-999A03FE7C38}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | "UDP Query User{29491C70-49EC-4636-8A3C-4ABAE47CEC65}C:\program files\tlen7\tlen7.exe" = protocol=17 | dir=in | app=c:\program files\tlen7\tlen7.exe | "UDP Query User{339A7F0F-E7DB-4033-AD6B-5130433F2B92}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | "UDP Query User{3990450D-A70E-466C-A300-F28205F001C2}D:\program files\my audio video\downloaded media\god\god.exe" = protocol=17 | dir=in | app=d:\program files\my audio video\downloaded media\god\god.exe | "UDP Query User{440F71F1-9C54-4FD1-A405-2A1970347BCF}D:\program files\bearshare\bearshare.exe" = protocol=17 | dir=in | app=d:\program files\bearshare\bearshare.exe | "UDP Query User{4CAAD124-9F25-4050-9480-A4C459DBFF44}D:\gry\metin2\wilczekmt2.exe" = protocol=17 | dir=in | app=d:\gry\metin2\wilczekmt2.exe | "UDP Query User{526EF4F2-9245-4B90-A988-4108B75207BF}D:\gry\metin2\metin2.bin" = protocol=17 | dir=in | app=d:\gry\metin2\metin2.bin | "UDP Query User{52850501-28CA-40EC-84AC-4A164DCCF516}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{58369BB1-10DA-42D7-B6BE-74A2BD6EF176}D:\gry\metin2\szakalmt2.exe" = protocol=17 | dir=in | app=d:\gry\metin2\szakalmt2.exe | "UDP Query User{604C290D-6402-443B-88E8-05FB90BF35D2}C:\users\tomek\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\tomek\program files\dna\btdna.exe | "UDP Query User{6183BFE1-0A36-433A-9576-679655CFFF81}D:\gry\metin2\klient_xenoxmt2\xenoxmt2launcher.exe" = protocol=17 | dir=in | app=d:\gry\metin2\klient_xenoxmt2\xenoxmt2launcher.exe | "UDP Query User{66A0572F-50E3-4C29-8CF9-56AD3CF5C4E2}D:\gry\metin2\smt2.exe" = protocol=17 | dir=in | app=d:\gry\metin2\smt2.exe | "UDP Query User{6C5EDB69-D528-4A10-A3D3-A86A6526F552}D:\gry\nowy folder\metin2\szakalmt2.exe" = protocol=17 | dir=in | app=d:\gry\nowy folder\metin2\szakalmt2.exe | "UDP Query User{770132A1-1723-4726-8A8B-71A9CD8789C6}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{91546E54-4C9C-4EEE-BF26-F7103376DB20}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{A365270E-49EB-45B6-A01B-1D047C62AAEE}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{ACC7B273-0F51-4605-8714-11611FAEB0B8}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{AED4C77C-252B-4565-BEB5-809AC7CB9779}C:\program files\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu\gg.exe | "UDP Query User{B40F8AB1-0E50-4C97-9389-B44AAB1A1217}C:\users\tomek\appdata\local\temp\rar$ex01.374\counterstrike2d.exe" = protocol=17 | dir=in | app=c:\users\tomek\appdata\local\temp\rar$ex01.374\counterstrike2d.exe | "UDP Query User{B7528419-84C6-43CC-B96C-2112D319ADEF}D:\gry\metin2\locmt2_steel.exe" = protocol=17 | dir=in | app=d:\gry\metin2\locmt2_steel.exe | "UDP Query User{BDE97506-01CD-4D30-A15A-1BCFA43143AC}C:\program files\valve\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\valve\counter-strike source\hl2.exe | "UDP Query User{CE294E35-74EA-4018-9C9B-2C2FCC7467F5}D:\gry\hlds.exe" = protocol=17 | dir=in | app=d:\gry\hlds.exe | "UDP Query User{D4F1DBFC-DFAB-4E9B-A0C5-D379BB4F6C28}D:\gry\metin2\metin2.exe" = protocol=17 | dir=in | app=d:\gry\metin2\metin2.exe | "UDP Query User{DD2A84F6-ACB6-4323-9488-95BC1467D3AF}D:\gry\nowy folder (2)\hl.exe" = protocol=17 | dir=in | app=d:\gry\nowy folder (2)\hl.exe | "UDP Query User{F2990C27-BF56-4EBE-A016-F27CC46417DC}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe | "UDP Query User{F6015A17-00B9-4EFE-BFE0-6C75F6699D7E}C:\program files\naruto_naiteki_kensei r1\hl.exe" = protocol=17 | dir=in | app=c:\program files\naruto_naiteki_kensei r1\hl.exe | "UDP Query User{F84B4A84-1D8A-4C54-B950-C9ECA3E38250}D:\gry\metin2\mc.exe" = protocol=17 | dir=in | app=d:\gry\metin2\mc.exe | "UDP Query User{FC06D371-BB62-4204-B117-6D92E6D3CFC3}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{003CD4FD-DB3E-4D12-9A34-8C00FA8A680F}" = WirelessControl "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0 "{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.467 "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1 "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C87BC0B7-2BB8-49D1-8CE0-EB0410EF0938}" = SystemDiagnostics "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution "{DB457913-028D-460E-BB4C-D9A6369752CA}" = TouchPad HotKey Utility "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0 "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Ares" = Ares 2.1.5 "Audacity_is1" = Audacity 2.0 "BabylonToolbar" = Babylon toolbar "BearShare" = BearShare "BearShare MediaBar" = MediaBar "Big Scale Racing" = Big Scale Racing "BurnAware Free_is1" = BurnAware Free 4.9 "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1 "CZATeriaKam" = CZATeriaKam 2.6.2 "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! "Gadu-Gadu" = Gadu-Gadu 7.7 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Hero Fighter" = Hero Fighter "Icy Tower v1.5_is1" = Icy Tower v1.5 "incredibar" = Incredibar Toolbar on IE "InstallShield_{F7D1D93A-B17A-41F8-9070-0B2A544C6165}" = LEGO Star Wars Demo Disc "Intelligent Ball [DP]" = Inteligentna piłka "Kamerzysta" = Kamerzysta (deinstalacja) "KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full) "Little Fighter 2 version 2.0a" = Little Fighter 2 version 2.0a "MAGIX music maker 11 silver UK" = MAGIX music maker 11 silver (UK) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English) "Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM "Niezbędnik CD_is1" = Niezbędnik CD "SiS VGA Utilities" = SiS VGA Utilities "Steam App 440" = Team Fortress 2 "Stella_is1" = Stella 3.4 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Winamp" = Winamp "WinRAR archiver" = WinRAR archiver "Wyczysc_is1" = Wyczysc 1.9 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater "BitTorrent DNA" = DNA "Tlen.pl" = Tlen.pl [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-05-11 08:00:59 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:03:21 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:03:55 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:04:28 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:04:54 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:05:47 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:06:17 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:06:47 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:07:31 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = Error - 2011-05-11 08:09:34 | Computer Name = Tomek-PC | Source = RasClient | ID = 20227 Description = [ System Events ] Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:13 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:45 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:36:57 | Computer Name = Tomek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-16 11:37:04 | Computer Name = Tomek-PC | Source = DCOM | ID = 10005 Description = < End of report >