OTL Extras logfile created on: 2013-05-03 17:05:53 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = K:\anty 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,33 Gb Available Physical Memory | 83,14% Memory free 8,00 Gb Paging File | 7,24 Gb Available in Paging File | 90,51% Paging File free Paging file location(s): d:\pagefile.sys 4096 8192 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 19,43 Gb Total Space | 2,38 Gb Free Space | 12,26% Space Free | Partition Type: NTFS Drive D: | 160,94 Gb Total Space | 34,91 Gb Free Space | 21,69% Space Free | Partition Type: NTFS Drive E: | 42,00 Gb Total Space | 5,43 Gb Free Space | 12,94% Space Free | Partition Type: NTFS Drive G: | 573,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive K: | 7,40 Gb Total Space | 0,86 Gb Free Space | 11,66% Space Free | Partition Type: NTFS Computer Name: MASZYNA | User Name: Storm | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Odkurz tutaj] -- C:\Program Files (x86)\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Odkurz tutaj] -- C:\Program Files (x86)\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{07897BE7-F4CC-4594-A7B7-39FD340A7059}" = lport=445 | protocol=6 | dir=in | app=system | "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | "{0E0AFE35-98F8-49F7-94B2-8D7723EA4962}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{13171FB7-07F6-45CC-A6E7-02EFB462B187}" = rport=445 | protocol=6 | dir=out | app=system | "{168C7B07-A4DE-4C43-966D-95768520EC52}" = lport=2869 | protocol=6 | dir=in | app=system | "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4450C782-1B50-4875-92D1-C2D80BF0D576}" = lport=10243 | protocol=6 | dir=in | app=system | "{445D9F7B-E43F-4DF5-999B-35424E044542}" = lport=138 | protocol=17 | dir=in | app=system | "{44AD7D5B-CEB0-403D-9FF8-05B1CD0205D1}" = rport=139 | protocol=6 | dir=out | app=system | "{4920C1A4-D624-494A-84E3-8B6CAF3D0189}" = rport=10243 | protocol=6 | dir=out | app=system | "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | "{5766E68F-0A8B-4159-AE03-0FCEE3999B44}" = lport=137 | protocol=17 | dir=in | app=system | "{595C72D8-270D-4BBD-85AB-FDD14A503475}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{61EBDD57-EF94-4632-93A6-E52F0C93FB00}" = lport=139 | protocol=6 | dir=in | app=system | "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{784EC990-B43A-429A-91B4-C8784085C434}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7937D023-E7BE-4BAA-9255-D2556B1A8C85}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7BDB5ECB-BA28-44AD-87B5-FB355B93E5F7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | "{848F6CFF-A5B1-45D1-937C-E217C782E35D}" = rport=137 | protocol=17 | dir=out | app=system | "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9AB41415-AD05-4FE2-A29C-7A7B134BEC2C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | "{B48B0BD2-51E2-4C34-9C6C-9A509BDAB115}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B7E830A6-7BAE-4020-9CBF-82C9457B8C01}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C7DF91D8-52D1-42C1-9C4D-AD5FE697F3E0}" = rport=138 | protocol=17 | dir=out | app=system | "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DFBEC139-91B2-4EE4-A807-F80265EA036E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E360D7ED-4710-453E-B9C6-E957CFE3C79C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E69C27EA-E1E0-4033-AA08-0F9A13A5C94E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FF0B0036-C4E5-4DCA-8828-FA5EED6A723B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{133716BD-9AA7-480B-9BF4-850F3C040FB3}" = protocol=17 | dir=in | app=d:\lost\lost - zagubieni\yeti_final_win32.exe | "{13A36B68-D64F-4BAE-A719-E027AB40FEF2}" = protocol=6 | dir=in | app=d:\lost\lost - zagubieni\gu.exe | "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{14B1B3EB-E2F3-4A80-8523-11C5FBB065E7}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | "{16477099-428E-44B5-A882-597E0D7FB2F4}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | "{1D673A5D-6D0C-4DB0-9440-9D809ABE55B8}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{24EEA326-368D-4F7A-9C27-D717475A5569}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2848AEA4-9ACA-4E4A-8DCB-57F986DA0D7B}" = protocol=17 | dir=in | app=d:\railroads\railroads.exe | "{289CDA15-0E9A-4738-B748-589DA65D5A40}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2992A3BD-83D8-4E7F-A1FA-00BD1485504E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2BACA413-D841-4DD0-925C-4DE0AD9D13C7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{41142555-84C3-456B-BD00-38DD9621B711}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{47B59F37-4D0A-46CD-A34A-943C85B3299C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{4B1DFA5C-4B2B-4775-9B8D-8F659E56C1DB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4DF27E27-2070-4695-AA8F-2D0B8E226A67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5596BA02-02B4-4E90-A0F3-89A99AB0F29A}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{59686B93-6A48-484E-9913-A17D9D7C3959}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{5DA308AB-21A3-479D-954D-B898B74EEC07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5E8C25F7-C479-494E-AE38-B164A4915D4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5FFE8CD2-349A-443E-B096-76B7F0BAD068}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6A373BFA-C0CB-4BD3-97DD-7E07AB42223A}" = protocol=6 | dir=in | app=d:\lost\lost - zagubieni\detection\launcher.exe | "{7042FC45-41F8-453C-BD90-CA4830F723A1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{72B15ABE-68CD-461E-A6CF-61ABD8D19F4D}" = protocol=6 | dir=in | app=d:\lost\lost - zagubieni\yeti_final_win32.exe | "{72DB8865-9C7E-427F-AA44-E214BC96B0BD}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{7901683E-D96A-4780-BD27-3988CEEB1668}" = protocol=17 | dir=in | app=d:\lost\lost - zagubieni\detection\launcher.exe | "{79E4998C-E408-488E-8383-BDB14E4C4756}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8EEE2E8A-4C00-4169-AE63-8A01C4AC6A30}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{9C7FC427-DB6F-4D96-8D9A-DF7B8C8876E4}" = protocol=6 | dir=out | app=system | "{A25E57B4-31E2-4962-9807-BE16FF9991E8}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{A3EEFCD5-51B2-4F4B-B6FA-721D299F0542}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B2B9ADE9-8986-4923-8335-962354D56CEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BB881C28-835A-408A-913C-D2D456ACFB12}" = protocol=6 | dir=in | app=d:\railroads\railroads.exe | "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | "{BD8B1B45-D71D-4FC4-A23C-EA780CD044AB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C2A1267B-86CC-4EA1-A4F4-4A079BB3EC68}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C3DAB093-1E81-4D11-9F22-818D5CEE144A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C947AEDD-4280-4781-BB3A-0BCE17A1B153}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C9633DDB-6D92-4617-8169-C9B78E4F9D2C}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CFF01011-6686-44BC-A89A-4729CC0D8A7A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D99A44AE-EE99-4EA6-A130-6C44F184145E}" = protocol=17 | dir=in | app=d:\lost\lost - zagubieni\gu.exe | "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EEAC2F12-E8BF-4176-9185-91475A46F9D3}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EFB8F5CC-1EF2-48A4-B79C-F143B7D81EB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EFBD0779-25E7-46CB-AFD3-640072E85BC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F1939459-197E-434F-896F-05FB11F7851B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F35F7270-1016-4F5D-9A68-2ED2BB6668B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F70BC298-0FF0-4FA4-B743-355F7625C130}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FB574E64-A5E1-4817-AD78-182ECF959A12}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "TCP Query User{60EF3C64-AF31-4544-9E32-8EF001B9EBC3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{637B07EA-C4DE-4819-8389-1C30341484E8}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{89898C15-408B-4CA7-B72B-2244CC188F7D}C:\users\storm\appdata\local\apps\2.0\2e9c217l.mly\5vryglco.rrm\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\zuntzu.exe" = protocol=6 | dir=in | app=c:\users\storm\appdata\local\apps\2.0\2e9c217l.mly\5vryglco.rrm\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\zuntzu.exe | "TCP Query User{BE5CDA64-E8D6-4B8D-BC2C-C3E6AA580309}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "TCP Query User{C057563A-EE0D-4F4B-BC15-A8AE492E7D58}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{C5200F3C-9915-4030-8442-3F3B10FCDCE4}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{CC4186D5-187E-4AAF-9526-E03A1E37CB73}E:\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=e:\the lord of the rings online\lotroclient.exe | "TCP Query User{D1ECC9F7-D3C4-4CE1-9203-22BF00386FDD}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "UDP Query User{1838E428-F74A-4A14-977D-044FA4029536}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "UDP Query User{1B46B25E-EB47-416B-8763-931FD958C3DB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{583D1A1F-2EFB-4500-91E0-7B597DE709EA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{81C55CA5-CC90-4FDA-8F52-F1C9DEB41817}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "UDP Query User{9014273E-8848-4686-B275-4E4D83573045}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{A904755B-578F-4B84-A745-47E0C526FA44}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "UDP Query User{C425B05D-AE36-4D90-A0F5-837AA8CA556C}C:\users\storm\appdata\local\apps\2.0\2e9c217l.mly\5vryglco.rrm\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\zuntzu.exe" = protocol=17 | dir=in | app=c:\users\storm\appdata\local\apps\2.0\2e9c217l.mly\5vryglco.rrm\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\zuntzu.exe | "UDP Query User{D0335EB5-9DCB-41E4-AEE6-74F865004952}E:\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=e:\the lord of the rings online\lotroclient.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit) "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Opera 12.14.1738" = Opera 12.14 "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2702B8FC-6003-4AC6-ADBC-EC65746D800A}" = Lost Via Domus "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{A0569915-A06D-47CD-B090-5D9C273762DF}" = Patch polonizujący do gry Sid Meier's Railroads! "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Polish "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D2FDD182-1367-4148-AC45-0EF1C85C16D6}" = PIT pro 2012 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.03.05.8039 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Black Mirror III/PL-Polish_is1" = Black Mirror III "DAEMON Tools Lite" = DAEMON Tools Lite "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 7.1.1 Home Edition "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918 "ImgBurn" = ImgBurn "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 7.6.0 (Full) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Thunderbird 17.0.5 (x86 pl)" = Mozilla Thunderbird 17.0.5 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NIS" = Norton Internet Security "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Odkurzacz 11.2 Pro_is1" = Odkurzacz 11.2 Pro "OpenAL" = OpenAL "Opera 12.14.1738" = Opera 12.14 "Planet Horse/PL-Polish_is1" = Planet Horse "R-Studio 5.1NSIS" = R-Studio 5.1 "SP_4e24eecb" = Search Assistant WebSearch 1.74 "The KMPlayer" = The KMPlayer (remove only) "uTorrent" = µTorrent "Winamp" = Winamp [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-04-23 16:13:18 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-24 13:34:44 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-24 14:20:12 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-27 13:46:50 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-27 14:34:45 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-28 13:54:38 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-30 04:24:59 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-04-30 14:42:34 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-05-01 11:15:39 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = Error - 2013-05-03 10:51:24 | Computer Name = Maszyna | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:05 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:13 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2013-05-03 10:56:17 | Computer Name = Maszyna | Source = DCOM | ID = 10005 Description = Error - 2013-05-03 10:56:17 | Computer Name = Maszyna | Source = DCOM | ID = 10005 Description = Error - 2013-05-03 10:56:17 | Computer Name = Maszyna | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 < End of report >