OTL Extras logfile created on: 2012-08-07 21:06:39 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Soszmen\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 0,45 Gb Available Physical Memory | 15,08% Memory free 6,00 Gb Paging File | 2,65 Gb Available in Paging File | 44,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 50,03 Gb Total Space | 20,99 Gb Free Space | 41,95% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 17,12 Gb Free Space | 17,53% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 39,24 Gb Free Space | 40,18% Space Free | Partition Type: NTFS Drive F: | 19,43 Gb Total Space | 19,29 Gb Free Space | 99,26% Space Free | Partition Type: NTFS Drive G: | 33,21 Gb Total Space | 16,45 Gb Free Space | 49,52% Space Free | Partition Type: NTFS Computer Name: SOSZMENCFC | User Name: Soszmen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts] "Enabled" = 1 "AllowUserPrefMerge" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List] "20000:TCP:192.168.1.11:enabled:utorrent" = 20000:TCP:192.168.1.11:enabled:utorrent "20000:UDP:192.168.1.11:enabled:utorrent" = 20000:UDP:192.168.1.11:enabled:utorrent [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings] "AllowOutboundDestinationUnreachable" = 0 "AllowOutboundSourceQuench" = 0 "AllowRedirect" = 0 "AllowInboundEchoRequest" = 1 "AllowInboundRouterRequest" = 1 "AllowOutboundTimeExceeded" = 0 "AllowOutboundParameterProblem" = 0 "AllowInboundTimestampRequest" = 0 "AllowInboundMaskRequest" = 0 "AllowOutboundPacketTooBig" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework] "Enabled" = 1 "RemoteAddresses" = [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts] "AllowUserPrefMerge" = 1 "Enabled" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List] "20000:TCP:192.168.1.11:enabled:utorrent" = 20000:TCP:192.168.1.11:enabled:utorrent "20000:UDP:192.168.1.11:enabled:utorrent" = 20000:UDP:192.168.1.11:enabled:utorrent [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings] "AllowOutboundDestinationUnreachable" = 0 "AllowOutboundSourceQuench" = 0 "AllowRedirect" = 0 "AllowInboundEchoRequest" = 1 "AllowInboundRouterRequest" = 1 "AllowOutboundTimeExceeded" = 0 "AllowOutboundParameterProblem" = 0 "AllowInboundTimestampRequest" = 0 "AllowInboundMaskRequest" = 0 "AllowOutboundPacketTooBig" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework] "Enabled" = 1 "RemoteAddresses" = [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts] "Enabled" = 1 "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List] "20000:TCP:192.168.1.11:enabled:utorrent" = 20000:TCP:192.168.1.11:enabled:utorrent "20000:UDP:192.168.1.11:enabled:utorrent" = 20000:UDP:192.168.1.11:enabled:utorrent [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings] "AllowOutboundDestinationUnreachable" = 0 "AllowOutboundSourceQuench" = 0 "AllowRedirect" = 0 "AllowInboundEchoRequest" = 1 "AllowInboundRouterRequest" = 1 "AllowOutboundTimeExceeded" = 0 "AllowOutboundParameterProblem" = 0 "AllowInboundTimestampRequest" = 0 "AllowInboundMaskRequest" = 0 "AllowOutboundPacketTooBig" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework] "Enabled" = 1 "RemoteAddresses" = [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts] "AllowUserPrefMerge" = 1 "Enabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List] "20000:TCP:192.168.1.11:enabled:utorrent" = 20000:TCP:192.168.1.11:enabled:utorrent "20000:UDP:192.168.1.11:enabled:utorrent" = 20000:UDP:192.168.1.11:enabled:utorrent [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings] "AllowOutboundDestinationUnreachable" = 0 "AllowOutboundSourceQuench" = 0 "AllowRedirect" = 0 "AllowInboundEchoRequest" = 1 "AllowInboundRouterRequest" = 1 "AllowOutboundTimeExceeded" = 0 "AllowOutboundParameterProblem" = 0 "AllowInboundTimestampRequest" = 0 "AllowInboundMaskRequest" = 0 "AllowOutboundPacketTooBig" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework] "Enabled" = 1 "RemoteAddresses" = [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DisabledInterfaces" = {45F2D559-7E11-48A9-9089-605FD18F1A68},{605CC034-A397-4701-BC1F-62FA38CC0399} "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DisabledInterfaces" = {45F2D559-7E11-48A9-9089-605FD18F1A68},{605CC034-A397-4701-BC1F-62FA38CC0399} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DisabledInterfaces" = {45F2D559-7E11-48A9-9089-605FD18F1A68},{605CC034-A397-4701-BC1F-62FA38CC0399} [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01A34268-5AB5-48ED-B433-5116EB8736FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{0555EBBA-9BD1-43A2-8412-62115A680A52}" = rport=139 | protocol=6 | dir=out | app=system | "{099CBA90-6F2D-49B1-B2CB-3204BB0827F2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{2E2C04CE-C8D9-489D-916D-CFA46FA62104}" = lport=139 | protocol=6 | dir=in | app=system | "{3471D32A-EAAF-4446-9DFE-164190FFCEBE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5D05E444-3F4E-4052-B6A0-EE3B051DBDF7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{63FC4770-D9AB-41C9-ADCE-B2BC97DCEE08}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{68ABDA6F-700E-4774-942B-93650B683F35}" = lport=445 | protocol=6 | dir=in | app=system | "{6988BEB3-5163-45B1-AFBF-CF8826A0AEC8}" = rport=445 | protocol=6 | dir=out | app=system | "{7C5763C2-D3BC-4B89-A00D-348BCD795DCC}" = lport=138 | protocol=17 | dir=in | app=system | "{9672A2E4-4CAD-400F-8E0A-F4F5F1DBFA29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9AFD3072-0A6A-4858-B45C-FE2CA4BC7C38}" = rport=137 | protocol=17 | dir=out | app=system | "{CCCD60C1-BA4A-4D53-9AB2-68463D9C9B8C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{D26D9BDB-2EBF-4307-9B2E-F4206ED37620}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E45A05C4-311F-4F6D-9C1E-CBC5E5BE72BC}" = rport=138 | protocol=17 | dir=out | app=system | "{E495353A-D30C-4427-B78F-0E34D12F0BEF}" = lport=137 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05298291-A09E-4779-9F00-45529CE2259C}" = protocol=6 | dir=in | app=d:\gry\pes 2012\pes2012.exe | "{0A09A767-2327-4D82-8FBE-3CA711DD04B6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0C784BE1-1A9A-404B-9023-0783729C80BA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1070A848-D9CA-4798-B483-A87B89193CFD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1A136D9A-B500-4A19-B3A2-4585482F2E8E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1DF03C9B-FDA3-4975-921C-CDC129D22D86}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{1F5CF3F5-E755-4231-8F10-4DB7606F7638}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrentt\utorrent.exe | "{3A2BDCC0-167E-446E-8901-4EA3669F7310}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3A416514-B3B0-4C6C-8686-1997E6321D2F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{42D60244-D171-400B-AF07-E3FD06375A50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5FAA49DE-830B-4E29-949F-CB69C68694D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{615F65B4-17AD-40FA-8E4E-61CBE7C5F4B0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrentt\utorrent.exe | "{6376269C-87E2-4BFD-BBA7-7E85C642845C}" = protocol=6 | dir=in | app=d:\gry\pes 2012\fire patch - euro.exe | "{6EF882C5-FBD0-4636-9A45-8745455E1F0A}" = protocol=6 | dir=in | app=d:\gry\steam\steam.exe | "{7BB8EFF4-86D0-415B-870C-1EDA84BF098F}" = protocol=17 | dir=out | app=%programfiles% (x86)\utorrent\utorrent.exe | "{7F9F08C2-CB86-4FD2-8D27-52D661B58100}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{95636364-F9C5-4938-8E28-1EC58A2683A1}" = protocol=17 | dir=in | name=port2 | "{9577054E-AA06-4B22-B039-DAE99CA6D9A1}" = protocol=17 | dir=out | name=port2 | "{9E172847-4A68-4EEB-94C9-AC57BF440C43}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{A02AE03B-AB63-4DDB-9139-4AFAC0E126F5}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\common\football manager 2012\fm.exe | "{A0B47690-9ECE-4FAD-8880-4F60FCE038B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A6D53578-3958-4BAE-94B2-5C1931F354D0}" = protocol=17 | dir=in | app=d:\gry\pes 2012\pes2012.exe | "{AD32823E-66A2-4C5A-8298-C2A30A36457F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C9229E6E-A2F5-4E1B-9E31-7FDE4B5E8BB9}" = protocol=6 | dir=out | name=port | "{D6677371-7F06-4A13-A2A9-D3AB083B4019}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\common\football manager 2012\fm.exe | "{D861E67C-1783-4BF3-826F-2738B22DE2AA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DE1F191E-D8FE-49D3-90E8-C45FF9C26FE3}" = protocol=6 | dir=out | app=%programfiles% (x86)\utorrent\utorrent.exe | "{E6B35203-88C6-479C-9768-96302C4C65ED}" = protocol=6 | dir=in | name=port | "{EA9BC012-184E-4B72-A86E-45F1AF3BE989}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{EB0EF7E6-A9C5-4F81-97E6-846E909C701D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FA40EB8B-5CE8-4A22-A759-B0A5CABEDEB0}" = protocol=17 | dir=in | app=d:\gry\pes 2012\fire patch - euro.exe | "{FF9AA354-8661-4DC3-BC29-605C1F2D3FAE}" = protocol=17 | dir=in | app=d:\gry\steam\steam.exe | "{FFAF374B-04B4-4B1A-B72C-91701C100959}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "TCP Query User{4EC857B7-676F-4B74-9BFF-E020DF55DE57}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{EE2F2177-6E45-40D6-A19F-ABA3797C15EC}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{15579F98-0E04-4B43-83E7-C7D28CE028A6}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{2F3BCE0C-A0F0-4480-B75A-09745BA484C3}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0CC4F67D-D41D-8C1A-C605-39154DDEAC63}" = AMD Fuel "{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding "{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64 "{3ABFAF33-D6EE-9348-CE96-AF51E9D6D2FF}" = AMD Drag and Drop Transcoding "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian "{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish "{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All "{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy "{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese "{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech "{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai "{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional "{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German "{65F8E0A6-A290-4D47-B391-D6353D756854}" = Pro Evolution Soccer 2013 DEMO "{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek "{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian "{6B714273-F9B5-4C11-A920-F06FC5B4DA80}" = Rollercoaster Tycoon 2 "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire "{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English "{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish "{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish "{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean "{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian "{D544AE4C-4152-225B-A897-6756C8986B14}" = AMD VISION Engine Control Center "{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012 "{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "avast" = avast! Free Antivirus "Diablo III" = Diablo III "ENTERPRISE" = Microsoft Office Enterprise 2007 "FM Genie Scout 12_is1" = FM Genie Scout 12 version 1.1 "Fraps" = Fraps "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300 "Mp3 Knife_is1" = Mp3 Knife 3.4 "MTA:SA 1.3" = MTA:SA v1.3 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "RocketDock_is1" = RocketDock 1.3.5 "Rockstar Games Social Club" = Rockstar Games Social Club "SopCast" = SopCast 3.5.0 "SpeedFan" = SpeedFan (remove only) "Steam App 71270" = Football Manager 2012 "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "Winamp" = Winamp "WinRAR archiver" = WinRAR 4.11 (32-bitowy) "Xfire" = Xfire (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1753402875-1730602163-4264554303-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "TeamSpeak 3 Client" = TeamSpeak 3 Client [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-07 11:29:17 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 11:34:14 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 11:57:27 | Computer Name = SoszmenCFC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Zone Alarm Firewall Driver. System Error: Nie można odnaleźć określonego pliku. . Error - 2012-08-07 11:57:27 | Computer Name = SoszmenCFC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service TrueVector Internet Monitor since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error - 2012-08-07 12:04:20 | Computer Name = SoszmenCFC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Zone Alarm Firewall Driver. System Error: Nie można odnaleźć określonego pliku. . Error - 2012-08-07 12:04:20 | Computer Name = SoszmenCFC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service TrueVector Internet Monitor since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error - 2012-08-07 12:28:29 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 12:44:52 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 13:25:31 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 13:35:18 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 14:11:20 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = Error - 2012-08-07 14:17:46 | Computer Name = SoszmenCFC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-08-05 10:42:41 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.11. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:43:12 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 5.239.63.138. Komputer o adresie IP 5.54.107.232 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:47:52 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.11. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:48:22 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 5.239.63.138. Komputer o adresie IP 5.54.107.232 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:53:02 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.11. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:53:32 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 5.239.63.138. Komputer o adresie IP 5.54.107.232 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:58:12 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.11. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 10:58:42 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 5.239.63.138. Komputer o adresie IP 5.54.107.232 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 11:03:22 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.11. Komputer o adresie IP 192.168.1.1 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2012-08-05 11:03:52 | Computer Name = SoszmenCFC | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 5.239.63.138. Komputer o adresie IP 5.54.107.232 nie zezwolił na przejęcie tej nazwy przez ten komputer. < End of report >