OTL Extras logfile created on: 2013-08-24 10:56:38 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\victor\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,69% Memory free 5,00 Gb Paging File | 2,81 Gb Available in Paging File | 56,28% Paging File free Paging file location(s): c:\pagefile.sys 3069 3069 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 26,20 Gb Free Space | 26,83% Space Free | Partition Type: NTFS Drive D: | 87,89 Gb Total Space | 5,64 Gb Free Space | 6,42% Space Free | Partition Type: NTFS Drive E: | 47,33 Gb Total Space | 23,12 Gb Free Space | 48,85% Space Free | Partition Type: NTFS Drive I: | 3,73 Gb Total Space | 1,45 Gb Free Space | 39,04% Space Free | Partition Type: FAT32 Computer Name: VICTOR-KOMPUTER | User Name: victor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-528687877-494001485-4089522204-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Users\victor\AppData\Roaming\File Scout\filescout.exe" /open "%1" Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Users\victor\AppData\Roaming\File Scout\filescout.exe" /open "%1" Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07099A27-D801-45D5-95FA-59640BC6275A}" = rport=139 | protocol=6 | dir=out | app=system | "{1228B55A-C44D-431E-BCFA-19378C5A8994}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{15EA6AC8-C111-4B16-8366-E2CF0F6B96F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1A4F580B-5E59-402B-96AE-5B438A64996B}" = lport=445 | protocol=6 | dir=in | app=system | "{1DD9974B-2D55-4AEE-9783-828CC3F87BC0}" = rport=138 | protocol=17 | dir=out | app=system | "{22F790E3-26BD-4535-968C-59D40037A6F3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{28353E56-781C-4A23-9B4D-21AE63C8DBBB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{2D9F49E7-CA15-40C9-8951-CF900D6FAC72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2E2F0C10-5E64-4B8D-9C30-ABC14FF52F5A}" = lport=138 | protocol=17 | dir=in | app=system | "{2FD665E1-3506-45DA-9886-3B2E87E76209}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{36C8379F-A320-4410-B305-B4A2103E386C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3A0A02BB-D998-412D-996E-537DE5490F66}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{418C0803-1D3F-4D22-8A68-B5C9C78EF091}" = rport=445 | protocol=6 | dir=out | app=system | "{662AA50D-3BAF-4050-BC06-458C4EC5E563}" = lport=10243 | protocol=6 | dir=in | app=system | "{66BC479A-D0A1-4DAC-8339-BF43096D851F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{68C5C0DC-96B2-4DB1-A33C-0C2C3D7966F8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7029D692-B6D0-473D-A7DD-4019DFF0094E}" = lport=2869 | protocol=6 | dir=in | app=system | "{7E83118E-925A-4B6C-A9FC-2B225AAEC22D}" = rport=10243 | protocol=6 | dir=out | app=system | "{83814FFC-F84C-4151-9D94-B7525AFD55E5}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{8A1EA1BC-6FCD-478F-9379-279CDAF149B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{8B1D3D51-1DF7-4B19-AE98-585B3FE36F48}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8BF3917A-E3B5-44AE-9541-B5A44FA32636}" = lport=139 | protocol=6 | dir=in | app=system | "{93202A6B-37AD-45D5-B87E-2E6ED3BAB2AE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{9775AC7C-BF13-44FA-AE6E-4294ADCF433C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{981DBBAE-C0D5-4543-99DB-824586C92529}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AF799849-160F-4BCF-AE39-F3F58CF55B61}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B0D0B393-67E4-4289-8F51-BEC4418B9C64}" = lport=137 | protocol=17 | dir=in | app=system | "{B2D851D7-84E5-411C-857F-445030A64380}" = rport=2869 | protocol=6 | dir=out | app=system | "{B8E07EAA-ABA6-42B8-8852-8374F579565D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BBFD84D4-4A13-4DB5-8135-DBA9F175C753}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{D1A0080F-3A00-422F-BF5E-BFD697752FA5}" = rport=137 | protocol=17 | dir=out | app=system | "{DC92AFE6-239B-49BC-9A7D-253E1C54D04B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{E764B394-515B-4A44-85C9-313CBB84C1B6}" = lport=2869 | protocol=6 | dir=in | app=system | "{E9A9AB43-F33D-4FF8-B735-565C9B215F6D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F0F09433-5A72-45F3-93D2-592CEA12FBA7}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F944A086-02FA-4956-B6C6-C61E4A58C33F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01739B37-F632-40E1-A904-68899BA7A25D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{04A0F01B-6B0B-400A-8D6F-0C07257409D8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{0B08CC38-31AB-425E-AE17-9DC23EAF64BB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{0F804DDF-83D1-4910-9C45-75373581B9B5}" = protocol=17 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "{12913813-9731-4198-80A4-B21B164D1F28}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{1590FBBF-81CE-4487-AA2F-4764DB276A4F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{1A41E906-954D-4E15-A616-D6B1E1F2D7BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{1CD12587-2F95-410E-8996-06A7F47F23DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{27F3138A-0F42-40E6-9473-4FC225E6B586}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\need for speed world\gamelauncher.exe | "{2854D020-D6AE-44A0-9DD8-3C7D4CEAC105}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{2DEEF94A-49B2-4D9B-AAC5-69CED53539E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3DECEB72-8409-463C-A51A-79FE03CA11E5}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{448BA77D-A7D6-46F8-9BCD-8501667C4FFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{4729967E-67C0-47C9-9501-DB00431CFE0C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{4F268FDA-DAD5-4B2B-8B09-0D16F7974422}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{539A6093-D68F-4C0C-883B-33F450F0C970}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{563E749B-CDB2-47C6-9DED-F69167992E77}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{5C2B106A-D851-432F-98EC-595CAD634386}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{5C8DB4BE-1FFA-41A8-BD82-903D0253A88F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5E78682F-D00D-4B62-A029-99CC254E8875}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5EBF4C4E-13DF-4C20-AC07-EF8954DDC3BB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{6EDCAAC4-8453-4404-B687-4598805FD1B2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{70EF52A8-1770-482F-B4D9-2849A3394F2E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{776A3D1C-A699-4506-A7E1-43A05ACDD30A}" = protocol=17 | dir=in | app=f:\fscommand\cksocketserver.exe | "{78BCD355-8C02-40BA-A64B-E3508E915C91}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{78DA0E14-B5A0-496A-BE15-E1F63FBC3926}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7B4D2704-AD43-4997-B0E5-64CCDF3A685F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe | "{80AD5962-6C08-467F-8073-3FFA85AF7D57}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{815A9F5E-CD1B-41C5-BF12-E7A9666DD513}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{8243F0C3-9A44-49B5-849A-50CFE1A6C115}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{83D14713-A2A9-4E20-8240-43BA669B3D1B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{8952CF26-9464-4B74-8244-EDAD1BF9D2CC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe | "{8E30A1A5-B517-4CFC-BE2F-C82CAC4D796C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{8FD5BC6F-DFED-4E89-8CDB-49732B6C1447}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{9080E94C-BF2D-4AB2-96A4-6B77374BD69E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{93A03DC5-C08A-418F-9D33-289BC84D5D8B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{93B866EC-5A18-425E-89D3-2FFB88A96776}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{948ED3FE-0800-4499-A3F0-C98083A34389}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{94D40DA0-BB5A-4858-AA8D-61678D76C5A6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{95218ECF-8F88-452A-8408-54E550130186}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{95B67231-E01A-4BD2-95AF-18333D9040A4}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{96262F79-D86B-4D8E-9F3A-C9C2A900EC94}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{98BC8A72-D53E-46C9-8186-280FBCDA19C4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9CEDF4EC-FBB8-4E4D-9CF0-1D97969EFF8E}" = protocol=6 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "{9F71AE19-007F-40C9-8EF3-1FE3FAE656A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A389030D-D976-4A24-8063-9F01645CF10E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{A739DCA0-2167-403D-910F-39BE686D5644}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{A7F96F44-F180-41D0-83C6-FD1343215BC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A91B159E-02F4-4D3F-9519-6512EA172CD5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A9F7C764-284E-48FA-9817-F92A59381CF4}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{AC1F80A9-5A4A-4550-94D4-B20D0D4B1FC6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{ADC64BAC-1597-44EE-886F-E447F2854636}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AE62E3E0-A127-43D0-88B5-2074D1A33F80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AFE43CDA-F77C-4873-B885-6F54DDC81BF8}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{B0045D68-4FED-425A-BDA4-68F770DBA66A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\need for speed world\gamelauncher.exe | "{B4852973-1447-4384-A8AB-EEC4BA3F4816}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{B9E91D38-36C4-47A3-9E35-05F45E857CCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{BB0A6C98-4FE6-4307-A062-E0C9290FB3A7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{BB2F5F41-0BC4-4D4C-82D2-055667CD26E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{BFCD0C1F-1ABD-470C-B963-D2B8AED86F07}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{C2AEDBC0-1691-4355-9763-0BC338F726DF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{C6AD532C-AADF-4BBE-8B2B-88ADC9E6717B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C765F452-5538-4291-9FA3-885861AEC7B0}" = protocol=6 | dir=in | app=f:\fscommand\cksocketserver.exe | "{C76700C6-6221-44D6-B215-854F12EB7ECA}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{C8BCC4A0-2234-4666-9804-3AFD8F3B547B}" = protocol=17 | dir=in | app=f:\fscommand\cksocketserver.exe | "{C9DEAF6A-B178-46C1-95D1-62B2FDE5F167}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CB69490D-2281-437A-8BED-C835ECF5CC52}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{CF34AE04-A2D5-4EC3-889D-565A52F286A6}" = protocol=6 | dir=in | app=f:\fscommand\cksocketserver.exe | "{D063D457-E8A6-42B0-A238-2AAA8FE1A4A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D4687D32-17AB-486C-B28B-37B3FED05181}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D5A988CE-CA52-459F-A0F4-4309D1F22DE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{D7059826-1347-4094-AD3D-5080AB54C8B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{DA0AE1B6-789E-4234-865F-6397EE42A5E9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DA72374E-DDEE-4BDF-9574-C8B2963B22AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | "{DBA72FE0-8F82-41F5-BC68-BB3852DDB0DE}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{E24AC4B3-891E-4AE6-A0C2-24B6F0220744}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{E3A8D305-DF0E-44F1-960B-E70840E478A6}" = protocol=6 | dir=out | app=system | "{EB56F980-411D-4DFE-9E3D-880A5FD7A034}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{EBFC0553-6902-4204-B79F-12AE7094BB5B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F258EBAE-0C77-428C-87E2-3C7038A8B4B0}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{F2DAF931-E1F0-4E8E-9700-7BECAA435F16}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{F561E0C8-716A-475D-86AE-16096B64276F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{F66B2BAF-8C5C-4EF2-82B3-78E23AE7056E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F9DDB62E-EF9D-49E4-9EDC-9A30A1A057BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{FA54CD01-0780-4749-84AE-CE93EE56AD98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{FC641517-F14F-480F-BB10-E5DF62055277}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{68554FC7-CB3A-4B8B-ABDF-5125794FE98E}" = AVG 2011 "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 314.14 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 314.14 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 314.14 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.0.1 (BETA) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 314.14 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 2.47.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FE64B8EF-9D46-4EA3-AAA4-4F596D41230A}" = AVG 2011 "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "72A50F48CC5601190B9C4E74D81161693133E7F7" = Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 7.01.0.9) "AVG" = AVG 2011 "CCleaner" = CCleaner "E0AC723A3DE3A04256288CADBBB011B112AED454" = Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 4.7) "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min "{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}" = Need For Speed™ World "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) "{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{d05a1414-a955-4c5c-9716-b7777ef86e85}" = F4100 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Activision(R) "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AIMP3" = AIMP3 "ALchemy" = Creative ALchemy "ALLPlayer_is1" = ALLPlayer V5.X "AudioCS" = Creative Audio Control Panel "BFGC" = Big Fish: Game Manager "BFG-Grim Tales - Bloody Mary Collectors Edition" = Grim Tales: Bloody Mary Collector's Edition "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition "FoxArc Screen Capture" = FoxArc Screen Capture V1.2 "Google Chrome" = Google Chrome "InstallShield_{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Madagascar - Escape 2 Africa(TM) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300 "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nokia PC Suite" = Nokia PC Suite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Origin" = Origin "QuicktimeAlt_is1" = QuickTime Alternative 2.9.0 "RealPlayer 16.0" = RealPlayer "TeamViewer 8" = TeamViewer 8 "Tuto_4pc_is1" = Tuto_4pc "uTorrent" = µTorrent "WaveStudio 7" = Creative WaveStudio 7 "Worms Revolution_is1" = Worms Revolution "Yahoo! Messenger" = Yahoo! Messenger [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-528687877-494001485-4089522204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-08-23 15:46:17 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-23 16:28:12 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-23 16:29:30 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-24 02:58:08 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-24 02:59:09 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-24 03:07:16 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-24 03:08:12 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-24 03:18:09 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-24 03:19:26 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-24 03:45:33 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-24 03:46:43 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-24 04:02:04 | Computer Name = victor-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2013-08-24 04:03:20 | Computer Name = victor-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-05-31 13:56:26 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error - 2013-06-01 03:57:39 | Computer Name = victor-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 19:59:08 na ?2013-?05-?31 było nieoczekiwane. Error - 2013-06-01 03:57:51 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7038 Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error - 2013-06-01 03:57:51 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error - 2013-06-01 04:42:58 | Computer Name = victor-Komputer | Source = DCOM | ID = 10001 Description = Error - 2013-06-01 10:00:36 | Computer Name = victor-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 15:57:32 na ?2013-?06-?01 było nieoczekiwane. Error - 2013-06-01 10:00:54 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7038 Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error - 2013-06-01 10:00:54 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error - 2013-06-01 10:01:34 | Computer Name = victor-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Updater Service for StartNow Toolbar. Error - 2013-06-01 10:46:04 | Computer Name = victor-Komputer | Source = DCOM | ID = 10001 Description = < End of report >