OTL Extras logfile created on: 2012-07-17 16:03:25 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Volendam\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 25,63% Memory free 4,00 Gb Paging File | 2,01 Gb Available in Paging File | 50,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 196,54 Gb Free Space | 84,39% Space Free | Partition Type: NTFS Drive R: | 465,75 Gb Total Space | 448,11 Gb Free Space | 96,21% Space Free | Partition Type: NTFS Computer Name: VOLENDAM-MARINA | User Name: Volendam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-2382277544-854175053-3720969267-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12DE1634-FF25-4C21-AEE9-24D668BCE3B2}" = rport=137 | protocol=17 | dir=out | app=system | "{32B9B85D-E268-4C30-869C-D9581CCE626C}" = lport=445 | protocol=6 | dir=in | app=system | "{3796AB61-38C5-471F-8DA0-5D0FA2DCC883}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3A38657F-9591-441A-9194-71771B07107D}" = rport=139 | protocol=6 | dir=out | app=system | "{3AF87248-0F60-4E05-BA09-17860C65C0B5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{7C5C4E99-52B9-4BF2-9AB7-C9DB463C510C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7EF3A1F6-E7D4-479B-85C1-832AC23C7762}" = rport=445 | protocol=6 | dir=out | app=system | "{A106FB35-3A32-4A9D-9C78-5AB7B0682B2F}" = lport=138 | protocol=17 | dir=in | app=system | "{ACFB13E8-54D1-430E-9907-A90ED5C6004D}" = lport=139 | protocol=6 | dir=in | app=system | "{AE311C5F-C18D-433C-93E3-8F968501A0B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BD685E7C-75A5-4C86-85CD-34C08554174D}" = lport=137 | protocol=17 | dir=in | app=system | "{D0D5C423-3FF3-4B68-95B8-0019417D3D3D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{E15C0E94-12F7-4714-8377-AD1CE5DEA91E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E3740D0D-2EF4-49F6-931F-415501A3E660}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03236767-3DDC-4D37-9409-D2C8C5C256FB}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{13A6EADD-5517-4566-B2A4-1D91A71A2AF1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{141A81F5-9AED-4A98-87DC-BEE61C5D08BA}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "{169AF395-2A08-4CF7-A9BD-9D27214A4766}" = protocol=17 | dir=in | app=r:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe | "{23CD57B7-B85B-4BEA-9C50-5E8B7275359F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{26B66559-60B1-4B61-8ED8-D88D1C9E9DA0}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "{2ACB5772-CA64-4DAB-9BA5-C21E62E98CC5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{2D6F752C-8E59-4021-B995-09A44BF89E37}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{37E37B0C-65A3-48C4-AA60-B01AA035F18D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{410B85AC-906B-4A51-AA7A-14FD2D049ADC}" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "{4282482D-61EC-4922-B621-86519C707FB1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{4C184C30-68B8-4E0C-8467-8E8423AC997D}" = protocol=17 | dir=in | app=r:\program files (x86)\counter-strike\hl.exe | "{4D4D6E10-C082-41D4-AADB-6C2AC85843DA}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{513DA461-D3E1-43E0-8F4B-BBE883E3D347}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5F374BF2-CE5E-45E1-BFF7-B80396D59B5B}" = protocol=17 | dir=in | app=r:\program files (x86)\sega\football manager 2012\fm.exe | "{608FC8BB-57B1-4024-BF11-8591793D3846}" = protocol=17 | dir=in | app=r:\program files (x86)\the elder scrolls v skyrim\launcher.exe | "{64E5AAFB-9F2A-4A15-93FA-F41A010AFFD5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{64F7796C-D8BD-46C0-A768-F96F4C448D92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A0A7A03-3541-41C3-8E9B-0D835391ED9C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6B5994C9-C4D7-491F-84F0-A5B1E3E6D852}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{754830FC-A4AB-4F1E-BFB6-5EF297FEB8BA}" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "{91D9677E-99E0-4448-97EB-690F8EFEB2FF}" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "{9625E82F-ACF4-4805-9123-AADA448937AE}" = protocol=6 | dir=in | app=r:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe | "{9ED549CA-80F5-4A72-B0BA-1A5D2CDFB70D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9F328A53-D25E-4E6B-AE4D-FB4927FCB912}" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | "{A7D5DC16-3B04-4F8F-85D0-09D3978A3931}" = protocol=6 | dir=in | app=r:\program files (x86)\sega\football manager 2012\fm.exe | "{ACD111B0-BA63-4BBB-B13B-CD24951B822C}" = protocol=17 | dir=in | app=c:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe | "{ADDDE456-5108-46CC-AA8A-34F3B8ED7EB3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{AF85B3A2-928A-4CA4-919D-C95E7D8141E4}" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "{B54A64AA-DD56-4E9E-B2C6-8436E7798669}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B9EB09F3-ACF2-43F0-832C-99EA5547B38D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{C4D47541-69FB-455D-B9D6-602BDE398BC2}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{D298C48F-1ED3-42A3-9C42-3CD89474F79D}" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "{D6583FD1-5D17-4612-8C6B-D8F2018571E7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DB7A7F0C-34B7-4D30-B8EF-FD1BBBB9D86E}" = protocol=6 | dir=in | app=c:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe | "{E04DCA31-B69B-4743-A31C-97F81879DD73}" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | "{E14AAD89-0852-41FB-AC1A-39B992E10809}" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "{E3E01ACB-3A53-4856-A0FB-6056CE5832A1}" = protocol=6 | dir=in | app=r:\program files (x86)\counter-strike\hl.exe | "{EB9F3B28-7946-420B-8377-D8D119E047F1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{EC50A47B-2A67-49DC-99BF-2D081289C23C}" = protocol=6 | dir=in | app=r:\program files (x86)\the elder scrolls v skyrim\launcher.exe | "{ED3283DC-FD72-4106-8A71-20D7B3B41EAB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{EE1286EC-6CC6-4F4F-866C-9920AF23E058}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{F09E48EC-3272-49C5-BD15-EF63389CEC5F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{F52F623A-FAFB-4F59-A9A0-26AC4C985B3E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F7DDA373-E3F2-4FAA-9360-82178218643F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FB9955C8-7511-4298-B75E-5C7827B2CDD3}" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "{FC3FD58E-BA7C-48D2-B208-E3D166D73761}" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{010B081E-2BA0-4DD4-B150-68209A01010D}R:\program files (x86)\counter-strike\hl.exe" = protocol=6 | dir=in | app=r:\program files (x86)\counter-strike\hl.exe | "TCP Query User{18B35BE5-DEC0-45B0-9251-1931D1C0FE8E}C:\program files (x86)\nx client for windows\bin\nxssh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | "TCP Query User{232B4D63-7D19-4A5E-8444-4B45261279D7}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{250DD1D9-B4C3-4845-8A3D-82B78FE8FCFF}R:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=r:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe | "TCP Query User{2DE73965-944A-4842-A423-F0B108DE63FA}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{507F3D9D-D0F8-4021-8F3F-E50DCBEE7783}R:\utorrent.exe" = protocol=6 | dir=in | app=r:\utorrent.exe | "TCP Query User{6ABEF110-A5C9-4792-A454-C786830FF761}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "TCP Query User{7AF82A86-47E3-4606-823A-14571AC6B724}C:\program files (x86)\nx client for windows\nxclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "TCP Query User{8DAFC7EA-F5D5-4E14-BAE6-225C664F43CB}D:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe | "TCP Query User{95FFA31E-E6BF-4C6E-99D3-24BA7A738C53}R:\program files (x86)\sega\football manager 2012\fm.exe" = protocol=6 | dir=in | app=r:\program files (x86)\sega\football manager 2012\fm.exe | "TCP Query User{BAC1B895-9D08-463A-8AFD-62587A90116B}C:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=c:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe | "TCP Query User{E624DA9E-2A3B-4F5C-BCF2-1483848061A6}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{EB4C5A4F-89AA-4F73-B3DD-96CEC4C1D5EA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{07701F4E-7E36-481A-8A45-A05AC283515C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{1A637E66-5BC4-4FE6-9D4E-D8BFF16C7589}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{3AEB0052-5529-439E-A545-78DA148BDD16}R:\program files (x86)\sega\football manager 2012\fm.exe" = protocol=17 | dir=in | app=r:\program files (x86)\sega\football manager 2012\fm.exe | "UDP Query User{452CE307-E6DF-4952-B90A-59AC522BECF9}C:\program files (x86)\nx client for windows\nxclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "UDP Query User{591343FC-6937-4619-BB2C-DCBBEC156B67}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{5FE250F2-08B0-4B2A-9043-C666F674C8B9}C:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=c:\users\volendam\downloads\cod-mw3-steam-unl-pl\call.of.duty.modern.warfare.3.polish.steam.unlocked-tlrg\call of duty modern warfare 3\iw5sp.exe | "UDP Query User{72D045EF-7480-4DDA-A807-6E8E74393226}C:\program files (x86)\nx client for windows\bin\nxssh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | "UDP Query User{7A1721A1-10FF-468A-A50C-11D8969415F3}R:\program files (x86)\counter-strike\hl.exe" = protocol=17 | dir=in | app=r:\program files (x86)\counter-strike\hl.exe | "UDP Query User{A9292C3C-C66D-4450-B3B2-3CDE996460E2}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{DAEB50E7-6AE5-4B1D-A7B5-BCB80C20163E}D:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe | "UDP Query User{DD30CD26-D595-4F6C-AF74-91CB7F4E75D6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "UDP Query User{DEA1A24E-DDF0-4DD7-857B-B6F11235EB56}R:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=r:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe | "UDP Query User{FC1AF511-1435-4F94-B6C3-8B3BD8724AC4}R:\utorrent.exe" = protocol=17 | dir=in | app=r:\utorrent.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64 "{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{63486834-B10B-4DD4-8216-C8D66A157D7E}_is1" = FMRTE 5.1.2 "{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian "{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All "{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy "{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese "{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech "{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai "{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional "{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German "{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common "{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English "{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish "{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1" = Panda Cloud Cleaner "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish "{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Polish "{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish "{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean "{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center "{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "5513-1208-7298-9440" = JDownloader 0.9 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32 "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup" = DivX Setup "ffdshow_is1" = ffdshow v1.2.4466 [2012-07-02] "FileZilla Client" = FileZilla Client 3.5.3 "Football Manager 2012_is1" = Football Manager 2012 "LiveVDO plugin" = LiveVDO plugin 1.3 "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "nxclient_is1" = NX Client for Windows 3.5.0-5 "Opera 12.00.1467" = Opera 12.00 "RealPlayer 15.0" = RealPlayer "SopCast" = SopCast 3.4.0 "TeamViewer 7" = TeamViewer 7 "The KMPlayer" = The KMPlayer (remove only) "uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar "VLC media player" = VLC media player 2.0.2 "vShare.tv plugin" = vShare.tv plugin 1.3 "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2382277544-854175053-3720969267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-17 02:20:25 | Computer Name = Volendam-Marina | Source = VSS | ID = 18 Description = Error - 2012-07-17 02:20:25 | Computer Name = Volendam-Marina | Source = VSS | ID = 8193 Description = Error - 2012-07-17 02:20:25 | Computer Name = Volendam-Marina | Source = System Restore | ID = 8193 Description = Error - 2012-07-17 02:29:15 | Computer Name = Volendam-Marina | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 02:56:40 | Computer Name = Volendam-Marina | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-07-17 03:07:28 | Computer Name = Volendam-Marina | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 06:49:27 | Computer Name = Volendam-Marina | Source = Application Hang | ID = 1002 Description = Program NXWin.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: a90 Godzina rozpoczęcia: 01cd63f466159410 Godzina zakończenia: 326 Ścieżka aplikacji: C:\PROGRA~2\NXCLIE~1\bin\NXWin.exe Identyfikator raportu: Error - 2012-07-17 07:23:45 | Computer Name = Volendam-Marina | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary SCDEmu. System Error: Nie można odnaleźć określonego pliku. . Error - 2012-07-17 08:33:38 | Computer Name = Volendam-Marina | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 09:05:01 | Computer Name = Volendam-Marina | Source = Application Hang | ID = 1002 Description = Program NXWin.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 124c Godzina rozpoczęcia: 01cd641b7ad47150 Godzina zakończenia: 8 Ścieżka aplikacji: C:\PROGRA~2\NXCLIE~1\bin\NXWin.exe Identyfikator raportu: [ System Events ] Error - 2012-07-17 01:08:52 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-07-17 01:08:54 | Computer Name = Volendam-Marina | Source = DCOM | ID = 10005 Description = Error - 2012-07-17 01:09:23 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7001 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-07-17 02:20:25 | Computer Name = Volendam-Marina | Source = DCOM | ID = 10005 Description = Error - 2012-07-17 02:25:07 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2012-07-17 02:26:16 | Computer Name = Volendam-Marina | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2012-07-17 02:26:48 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2012-07-17 02:27:35 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7023 Description = Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-17 03:56:35 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7031 Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-07-17 03:58:36 | Computer Name = Volendam-Marina | Source = Service Control Manager | ID = 7032 Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. < End of report >