OTL Extras logfile created on: 2013-05-01 11:16:55 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\PanIWladca\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,37 Gb Available Physical Memory | 84,22% Memory free 8,00 Gb Paging File | 7,44 Gb Available in Paging File | 93,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86) Drive C: | 97,66 Gb Total Space | 21,60 Gb Free Space | 22,12% Space Free | Partition Type: NTFS Drive D: | 97,66 Gb Total Space | 25,77 Gb Free Space | 26,39% Space Free | Partition Type: NTFS Drive E: | 102,77 Gb Total Space | 25,53 Gb Free Space | 24,84% Space Free | Partition Type: NTFS Computer Name: PANIWLADCA1 | User Name: PanIWladca | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- E:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- E:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2262723969-2999158923-2544376579-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "E:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "E:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00944ED2-BF2E-485A-A110-AB0E7B7ADF00}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{00C59DF5-7660-4D9C-974F-1B954DCE719C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0E6EC2D4-EFEB-4E67-914E-7946E3EFE960}" = lport=138 | protocol=17 | dir=in | app=system | "{13BD1C52-D7F4-4946-A397-DBF0732103F3}" = lport=137 | protocol=17 | dir=in | app=system | "{16EB8D5C-DBAC-4995-A06D-ED53D14F9DA0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{1A1F9579-5666-4AC4-9943-9A3FA6ED82F4}" = lport=56908 | protocol=6 | dir=in | name=pando media booster | "{240B5935-8CB4-4721-A869-D19799287681}" = rport=138 | protocol=17 | dir=out | app=system | "{2ABB6002-7E79-4698-8508-44684F8FD51B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2ACD7B91-77C4-4464-9EF4-7046725CDE70}" = lport=139 | protocol=6 | dir=in | app=system | "{2F823BEC-5B1D-407F-89E2-18A66B4F2D2C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3471DA35-1E30-44C0-8C2A-63E1A38B68EA}" = lport=80 | protocol=6 | dir=in | name=war thunder | "{375529FC-8533-41F5-BD8D-2EF03677BA93}" = rport=137 | protocol=17 | dir=out | app=system | "{429D60C1-E078-4BEA-AF92-9D6D38B414BE}" = lport=20443 | protocol=6 | dir=in | name=war thunder | "{47BEB882-A0F1-468F-8522-6FD601B9DC6A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4C7815F5-386F-443C-957D-12682AA36C50}" = lport=10243 | protocol=6 | dir=in | app=system | "{56CD28A3-3B7A-4759-8D0F-F0F2E4D7EB05}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{62F29DB1-70E1-4BF0-B02B-85830581FF96}" = lport=443 | protocol=6 | dir=in | name=war thunder | "{668AE9A7-7A70-4C6F-B6B5-2C92D1AF8969}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{687C03B2-1894-4083-B2BC-284CCDE52062}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{712163FA-E68F-4A2F-9437-C7B0F42686A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{76FFE1FD-34DE-47D9-9D7C-89C4B37F9203}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7F19E128-9F96-4804-906D-3EB7D8BA58DB}" = lport=2869 | protocol=6 | dir=in | app=system | "{80EC7397-E380-43D2-A8F3-C0831E382BB3}" = lport=27022 | protocol=6 | dir=in | name=war thunder | "{94782AFA-584F-4C9F-BBC2-8BF5955067C5}" = lport=20010 | protocol=17 | dir=in | name=war thunder | "{9FD8222A-02A8-4EAB-A5E3-5715744B57EA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{AB71212D-F552-4BCD-9EDB-C724ED2EC0E7}" = lport=7850 | protocol=6 | dir=in | name=war thunder | "{ABA5F951-D534-4B0D-9EA2-B444EB9731EC}" = rport=139 | protocol=6 | dir=out | app=system | "{B5B599FC-7047-4BD3-BB2F-FDC5903C992B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BAEEF583-5E70-4CA0-9B56-F19497219308}" = lport=445 | protocol=6 | dir=in | app=system | "{BDBA0A99-31AB-4E60-844F-0904963049AA}" = lport=6881 | protocol=6 | dir=in | name=war thunder | "{BE90637F-D27B-4621-8526-EE97B1F0CA48}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C2207364-BF52-424E-B123-F3DD8ADDCE2A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C9BD2F03-06C7-4376-841D-4C8A1B806191}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D275E14A-2FF4-425E-A822-5A54876A7384}" = lport=56908 | protocol=6 | dir=in | name=pando media booster | "{D4805593-4EE8-41A6-ACB5-46E46427F0A6}" = lport=56908 | protocol=17 | dir=in | name=pando media booster | "{DB931561-2FAB-4254-B3B3-4903819FB2AA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{DFFF38B5-EAC4-4855-B4D6-BC6C40AEA6EE}" = rport=445 | protocol=6 | dir=out | app=system | "{E0D20599-25D5-4E13-B18D-ED342143F2E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E0EF4A95-EA83-4D80-B3C8-ABC1834C0436}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{E51D906F-5BDB-4A50-ADBC-B8AFADD57056}" = rport=10243 | protocol=6 | dir=out | app=system | "{EA0EF943-4E0A-4AD3-91BD-4EAFCD5E490D}" = lport=8090 | protocol=6 | dir=in | name=war thunder | "{EE6FF819-E5E7-41A8-88BB-83F9CAB8261D}" = lport=56908 | protocol=17 | dir=in | name=pando media booster | "{EEFE33AB-D01D-4150-8B75-A0EF4C7419B7}" = lport=33333 | protocol=6 | dir=in | name=war thunder | "{F294CDFB-D9C7-4AC4-90B6-D5423AB0C352}" = lport=3478 | protocol=17 | dir=in | name=war thunder | "{FB7B1BDC-AF0B-4F6D-B4EC-C612DAEFB9DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02BFE35F-C2FC-4A8E-BACD-A29A95B7AF9E}" = protocol=17 | dir=in | app=e:\program files (x86)\pando networks\media booster\pmb.exe | "{06C8BD53-9469-4137-9EEE-C42A62A292DB}" = protocol=17 | dir=in | app=e:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe | "{07758CFA-2DFF-4F3B-969F-A89FAF8DF66F}" = protocol=6 | dir=in | app=e:\program files (x86)\pando networks\media booster\pmb.exe | "{0C5852F2-AEBD-4E28-ADD9-1BDA33BF572D}" = protocol=17 | dir=in | app=e:\program files (x86)\tunngle\tunngle.exe | "{0DAAA032-FE51-4D6B-BAF0-04ABC00A9A58}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{102F44C2-9E4C-4618-8E9C-2F703ED20FC1}" = protocol=17 | dir=in | app=e:\windows\syswow64\javaw.exe | "{133DB483-49DC-4AF1-93D3-52DAD710F673}" = protocol=17 | dir=in | app=e:\program files (x86)\tunngle\tnglctrl.exe | "{1A2F4E53-A90F-45C6-B6B2-26FFE0E8E014}" = protocol=6 | dir=in | app=e:\program files (x86)\tunngle\tnglctrl.exe | "{1D1590EB-6546-49BC-9C31-5D033C2468DA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1E2DF257-B080-4F86-82DE-EE931579E5D4}" = protocol=6 | dir=in | app=e:\program files (x86)\tunngle\tunngle.exe | "{1E419AC4-8CF4-4A58-B92F-4A05A843BF9C}" = protocol=17 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe | "{20911357-4073-4BE9-BB5A-06087A8D69FE}" = protocol=17 | dir=in | app=e:\program files (x86)\tunngle\tunngle.exe | "{2469818D-B686-4DE3-9785-50571210390D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2730EC19-9F76-4039-B4DC-391A01ACE80E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2FD3F781-7B99-4B41-BF0E-A5326FC44472}" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\as\revolutionclient pl.exe | "{3113DD5D-CA58-4FFE-A251-0D7C3E652137}" = protocol=6 | dir=in | app=e:\program files (x86)\tunngle\tnglctrl.exe | "{317F5B2A-35AC-4AF3-B79C-34417945DB0F}" = protocol=17 | dir=in | app=e:\program files (x86)\tunngle\tnglctrl.exe | "{322D4CB3-544D-4865-B33C-02A762C973F5}" = protocol=6 | dir=out | app=system | "{38803D35-5F05-407A-8E9A-BE63C206B39C}" = dir=in | app=e:\users\paniwladca\documents\the war z\warz.exe | "{3919DF33-FB0F-48D9-ACAD-EBE3ED435F2A}" = protocol=17 | dir=in | app=e:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "{3F95133D-F0A8-4F04-9E78-CB48193B3477}" = protocol=17 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird.exe | "{3FBA11D3-533C-4D58-9ADD-759507A85013}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4123B6D6-DFDC-4EA4-8870-83237D186AB0}" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "{41B4DE34-F3A5-4E8F-BCAD-1FA677C9E7B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{467A8D8F-BD03-4A10-AB32-EE78F39847C7}" = protocol=17 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe | "{51B88FD9-9816-4C64-8B0C-42AEEC05718C}" = protocol=58 | dir=in | app=system | "{5C209D26-C3CE-422F-A80E-26DAEF2FBF87}" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tuor2.exe | "{5DDDFA4A-2C9F-40E8-84CA-D6FB6D4900E3}" = protocol=17 | dir=in | app=e:\program files (x86)\pando networks\media booster\pmb.exe | "{5FEA601D-DE3E-435C-ACB4-31D746927F74}" = protocol=17 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.exe | "{64C16D99-3AEC-4CFF-B9B7-C88CCFC57BFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{663DB408-6DA2-49A2-BC8B-BFFF42A3DB85}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{6C54E23A-EF2A-4987-BCE5-2DFFC711539A}" = protocol=6 | dir=in | app=e:\program files (x86)\tunngle\tunngle.exe | "{74A5EFAB-FBA9-4FBE-AD39-1B0109AF373F}" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tour.exe | "{7560988D-C6A8-48F9-90AB-D297DB05E984}" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tuor2.exe | "{7B229EA8-44D5-440D-86E0-1794870A8C9F}" = protocol=6 | dir=in | app=e:\program files (x86)\war thunder\launcher.exe | "{7EDF847A-FB8D-4BA3-9AF7-BAAF6151BA5A}" = dir=in | app=e:\program files (x86)\skype\phone\skype.exe | "{818DCF06-56F0-457C-BA9A-66476B3C54DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{823C2A3D-73F5-4D34-ABD3-6D7C83225AC6}" = protocol=6 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.exe | "{872F43C9-5007-489F-A233-DD9D48BD73A3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{877506C5-F8E4-4B73-8386-C2493295E8D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8BEA8000-2AB5-43AD-8FD6-FFD7D3C7790A}" = protocol=6 | dir=in | app=e:\windows\syswow64\javaw.exe | "{8D926A93-1BED-4061-8AE3-BD0065D61BB2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8F5D2FC6-A687-46F2-9DC0-6B8EDC9C30EB}" = protocol=6 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe | "{915D689C-A738-492F-B87A-0EF8CFD98D51}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{971AFB40-854C-406A-A6E1-A2D7FF95A62A}" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\as\revolutionclient pl.exe | "{A645E933-B606-42DC-AA3F-03FA56321727}" = protocol=17 | dir=in | app=e:\program files (x86)\war thunder\aces.exe | "{A7D120EF-5CEB-4C0E-AA97-EB011150B23A}" = protocol=6 | dir=in | app=e:\program files (x86)\pando networks\media booster\pmb.exe | "{B5BD3BAC-9DAF-4E49-9658-35A360588D52}" = protocol=6 | dir=in | app=e:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "{C070F3B4-436C-422A-B0C5-A389B1CA1203}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C5AADD6F-1DE9-460E-969C-4EAE0C13633C}" = protocol=6 | dir=in | app=e:\program files (x86)\war thunder\aces.exe | "{C831BB10-57F2-4328-BB44-062DB786DBFD}" = protocol=6 | dir=in | app=d:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "{C88DC2ED-A506-4E30-969E-C3C590D2BDDF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CA45339C-7285-4BA3-859A-B7966586214F}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steam.exe | "{CE5970AA-9E33-41F5-B256-FB673A06224B}" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "{D1BDABDF-73D8-4099-A1C0-069F734E1D49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D504FBDB-E035-405A-A85D-442F3ECD6A03}" = protocol=17 | dir=in | app=d:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "{D6F877EE-057E-4F99-A0A9-A6BA267005DB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{DB636089-8590-4FA8-8884-C28969A8CE5E}" = dir=in | app=e:\program files (x86)\pando networks\media booster\pmb.exe | "{DD03E9A5-3293-4BBE-BD1C-B0F8C456BF57}" = protocol=6 | dir=in | app=e:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe | "{E533C0A6-04BB-4249-AE3A-5561C89DD2F3}" = dir=in | app=e:\program files (x86)\war inc battlezone\warinc.exe | "{E5E3F821-7464-49AC-BD32-ADD65A0352CE}" = protocol=6 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird.exe | "{E6074591-F206-46A3-B97C-018CDE6237A3}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steam.exe | "{E61C17C1-5A0E-4579-B3F2-FA06B5571983}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E658E686-4B88-4122-B514-F68503B3DCE4}" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tour.exe | "{E7C6BE13-5993-411B-A535-D9ACCE0412F6}" = protocol=6 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe | "{EA2B9BDD-8DF3-4B69-AD20-ECC463CAB7AD}" = protocol=17 | dir=in | app=e:\program files (x86)\war thunder\launcher.exe | "{EA427045-A56A-4544-A724-90CB9C101F9B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F1F3A384-E313-479F-9427-5722567DA588}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{0E42E5F6-83AB-40CA-B27D-3DE4F7CC0B83}E:\users\paniwladca\desktop\as\revolutionclient pl.exe" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\as\revolutionclient pl.exe | "TCP Query User{0FB60DAB-8506-43F0-94C1-99AAF96F35D7}E:\grayst\grayst.exe" = protocol=6 | dir=in | app=e:\grayst\grayst.exe | "TCP Query User{1A7F1F2B-C0A9-4BB1-9177-17C5565E4107}E:\program files (x86)\war thunder\aces.exe" = protocol=6 | dir=in | app=e:\program files (x86)\war thunder\aces.exe | "TCP Query User{1AB9AEDD-536F-447B-AD1B-6276F7BC4208}E:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=e:\windows\syswow64\javaw.exe | "TCP Query User{1B3B51F8-9FA1-4F5E-8F95-C50618ABDE53}D:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe" = protocol=6 | dir=in | app=d:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "TCP Query User{4281397A-462C-4F77-957A-948D11245CF6}C:\program files\valve\hltv.exe" = protocol=6 | dir=in | app=c:\program files\valve\hltv.exe | "TCP Query User{50E74A97-1D3B-4994-91FE-854C759F40EF}E:\program files (x86)\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=e:\program files (x86)\need for speed most wanted\nfs13.exe | "TCP Query User{5ECB3554-7C73-4E60-8BCE-EF4945532644}E:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{69FA0547-9685-49A7-B1B8-232C81FC122F}E:\users\paniwladca\downloads\infernomt2\infernomt2.dll" = protocol=6 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.dll | "TCP Query User{7166A38B-96A9-40F7-B1DC-150A95D2F04A}E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=e:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "TCP Query User{842F0B40-2829-42EA-874D-B46DAF55E8C4}D:\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe" = protocol=6 | dir=in | app=d:\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "TCP Query User{897FEBAF-6BE9-4986-8FB2-4147AE673148}C:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe | "TCP Query User{8B4A3ADD-25EF-4F72-9244-2CAF80BC921E}E:\program files (x86)\thq\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird.exe | "TCP Query User{9F2E7CF5-89B3-4345-9AA2-19CE50C866F5}E:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=6 | dir=in | app=e:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe | "TCP Query User{A32B0FA5-EFF3-4819-984A-0D87312C7B94}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{B299F22F-5207-48CD-8A1A-D8EA7962D276}E:\users\paniwladca\desktop\nowy folder\tuor2.exe" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tuor2.exe | "TCP Query User{B90E8FF7-5485-413F-8267-AC603CA28B06}E:\users\paniwladca\desktop\nowy folder\tour.exe" = protocol=6 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tour.exe | "TCP Query User{C0FEFF8B-4EB9-48F6-B917-B6DC61689483}C:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe | "TCP Query User{D16026D8-BE13-4E64-A72C-A91CC860F208}E:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=e:\gry\counter-strike 1.6\hl.exe | "TCP Query User{D9DE69B7-EF52-4B78-BB31-63B2EBB0209C}E:\users\paniwladca\downloads\infernomt2\infernomt2.exe" = protocol=6 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.exe | "TCP Query User{FE952632-ED54-44DB-82FD-D8F9EBED4862}E:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe | "UDP Query User{0754CBA6-5FF1-49A7-A5B8-A552976636A9}E:\users\paniwladca\downloads\infernomt2\infernomt2.dll" = protocol=17 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.dll | "UDP Query User{111AC5A8-4A2C-4CF9-A2AE-68A8E811CEC3}E:\grayst\grayst.exe" = protocol=17 | dir=in | app=e:\grayst\grayst.exe | "UDP Query User{240E0DCB-0190-4882-A02E-B9D3FD492F43}E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=e:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | "UDP Query User{2622F147-9207-40BA-98D1-20944CFD7175}C:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\go.exe | "UDP Query User{2CB359EC-1134-4091-BA7B-4DC78CEE55B4}E:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=17 | dir=in | app=e:\users\paniwladca\appdata\roaming\torrentstream\engine\tsengine.exe | "UDP Query User{31A8E017-3B7F-45DE-A547-D2A78ED483B9}E:\program files (x86)\war thunder\aces.exe" = protocol=17 | dir=in | app=e:\program files (x86)\war thunder\aces.exe | "UDP Query User{3553DBE5-8011-4EA1-99A4-0EE44D7E4A48}D:\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe" = protocol=17 | dir=in | app=d:\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "UDP Query User{4DED9953-379D-43BA-AD2E-6B95676E3C24}D:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe" = protocol=17 | dir=in | app=d:\nowy folder (3)\xfifa13\fifa 13 by dwight_dla_www.haszkod.pl\game\fifa13.exe | "UDP Query User{529F016E-B1AC-491A-8C66-E2E1D88BE555}E:\program files (x86)\thq\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird.exe | "UDP Query User{6DFB37C0-6AB5-4FFA-8E86-7E31AAD0ADFD}C:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rhinox technologies\nexanity\nexanity\nexanity.exe | "UDP Query User{7CDB3E30-F6C8-4FCE-86AB-600AB69515B3}E:\users\paniwladca\desktop\nowy folder\tour.exe" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tour.exe | "UDP Query User{865022D3-3AB3-45CB-9847-F9270B2A2ED6}C:\program files\valve\hltv.exe" = protocol=17 | dir=in | app=c:\program files\valve\hltv.exe | "UDP Query User{928B8817-20C8-4E16-A7C1-34E90BBEC5A2}E:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=e:\gry\counter-strike 1.6\hl.exe | "UDP Query User{9DEF41B2-066E-46E4-AD62-253B0FB1B28B}E:\program files (x86)\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=e:\program files (x86)\need for speed most wanted\nfs13.exe | "UDP Query User{B17A9920-81AA-4A8C-81CA-B9DFC38194AB}E:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=e:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{BD1524C5-8DC8-4506-9A8B-8DC9357D3A69}E:\users\paniwladca\downloads\infernomt2\infernomt2.exe" = protocol=17 | dir=in | app=e:\users\paniwladca\downloads\infernomt2\infernomt2.exe | "UDP Query User{C8369F04-53DA-42BE-AB82-13B1E9DEF59B}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{D5CDC6DE-495E-41BD-B942-B516F2F10F9A}E:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=e:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe | "UDP Query User{E537F92C-0379-4A40-8971-1E0A3AC41089}E:\users\paniwladca\desktop\as\revolutionclient pl.exe" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\as\revolutionclient pl.exe | "UDP Query User{F9B7240B-6723-41CB-83E1-F7CC5C4F16BB}E:\users\paniwladca\desktop\nowy folder\tuor2.exe" = protocol=17 | dir=in | app=e:\users\paniwladca\desktop\nowy folder\tuor2.exe | "UDP Query User{FDC543EF-D549-45D9-A60C-0A5721807940}E:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=e:\windows\syswow64\javaw.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR 4.20 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0AB40C7E-FDA5-42B4-A352-3743C54F102B}" = Nexanity Client "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E4F0E65-209E-4713-8BE2-7F8802BB3987}_is1" = War Inc Battlezone version 1.0.0 "{A2F166A0-F031-4E27-A057-C69733219436}_is1" = RaiderZ "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B810D852-DFD6-NFSMW-89A5-CC4D47756DAF}_is1" = Need for Speed Most Wanted version 5.1 "{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version 1.0 "{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.148 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "bi_uninstaller" = Bundled software uninstaller "Counter-Strike 1.6" = Counter-Strike 1.6 v23 "DAEMON Tools Lite" = DAEMON Tools Lite "delta" = Delta toolbar "Delta Chrome Toolbar" = Delta Chrome Toolbar "Evaer Video Recorder for Skype" = Evaer Video Recorder for Skype 1.2.9.96 "Fraps" = Fraps "Google Chrome" = Google Chrome "LiveVDO" = LiveVDO "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 20.0.1 (x86 pl)" = Mozilla Firefox 20.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Saints Row The Third_is1" = Saints Row The Third "SopCast" = SopCast 3.8.2 "Talisman Online_is1" = Talisman Online Ver.1930 "Tunngle beta_is1" = Tunngle beta "xvid" = Xvid MPEG-4 Video Codec [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2262723969-2999158923-2544376579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater "Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era "GG" = GG "TorrentStream" = Torrent Stream 2.0.8.2 "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-04-30 17:28:28 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:12:23 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:13:41 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:16:59 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:34:11 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:36:11 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:37:34 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-05-01 04:37:58 | Computer Name = PanIWladca1 | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, sygnatura czasowa: 0x4d672ee4 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.17725, sygnatura czasowa: 0x4ec4aa8e Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000002b0e Identyfikator procesu powodującego błąd: 0x6f8 Godzina uruchomienia aplikacji powodującej błąd: 0x01ce4647214ce950 Ścieżka aplikacji powodującej błąd: E:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: E:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 6ca23810-b23a-11e2-9649-001fd03e32e0 Error - 2013-05-01 04:54:27 | Computer Name = PanIWladca1 | Source = WinMgmt | ID = 10 Description = Error - 2013-05-01 04:59:07 | Computer Name = PanIWladca1 | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. [ System Events ] Error - 2013-05-01 05:09:29 | Computer Name = PanIWladca1 | Source = DCOM | ID = 10005 Description = Error - 2013-05-01 05:09:29 | Computer Name = PanIWladca1 | Source = DCOM | ID = 10005 Description = Error - 2013-05-01 05:09:27 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:27 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:29 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:30 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:30 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:30 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:30 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-01 05:09:30 | Computer Name = PanIWladca1 | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 < End of report >