OTL Extras logfile created on: 2012-06-07 23:22:14 - Run 1 OTL by OldTimer - Version 3.2.46.2 Folder = C:\Users\1\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,85 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 66,60% Memory free 7,71 Gb Paging File | 6,15 Gb Available in Paging File | 79,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 445,66 Gb Total Space | 263,13 Gb Free Space | 59,04% Space Free | Partition Type: NTFS Computer Name: 1-KOMPUTER | User Name: 1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .reg [@ = regfile] -- regedit.exe "%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .reg [@ = regfile] -- regedit.exe "%1" [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0613EF0D-CF52-4F44-B0F5-914FFC6228A9}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | "{0BC547B5-12F6-4A86-9CD7-50033AF5416C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{0BED846D-D2F5-471B-B148-7D7A2E4A04A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{11A012E1-9C00-4BBA-AB1A-98B64FDB2BF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{17B4C3C7-CE1F-4115-8066-76F581EF1A04}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{22863D02-274B-43D5-9C1E-D8D01D5E6EC4}" = lport=138 | protocol=17 | dir=in | app=system | "{28F03FCD-E4EE-4CC0-8B7B-8DB3159CCCD5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2AB11915-6A1E-42BE-A1F7-8708129E2FF9}" = rport=10243 | protocol=6 | dir=out | app=system | "{2F4B8921-2D87-4574-9DD3-DF4EF07ED824}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3161EB0A-0F4A-4069-BC9F-E52E0A0526BC}" = lport=139 | protocol=6 | dir=in | app=system | "{3772DFF9-E961-4D8B-B86E-AA0AF2CC78C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4718FF6C-7C41-490E-B1CA-E60A1351F6A6}" = rport=139 | protocol=6 | dir=out | app=system | "{51EF9D67-0F65-468D-A375-51446504A1F2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{617617AF-F0D8-478B-B92C-AB1C64C74D6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{64D69593-E37B-46B5-98E4-2F61EA957717}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6F83D82F-2143-432F-B1AD-2763B693E54C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{74BDA614-E1DC-4783-9E3F-5F6DC5432134}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{785E50E5-0DBB-4E77-AB06-E03795795F91}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{7FDC89EE-F661-4BFF-9D12-7C89EACB84FA}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | "{7FDDA505-9407-4691-826A-CE9EB2971E22}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{841D1726-6E94-422B-A3DA-3E28CA164EBE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{8AEED784-28C7-4A14-B03E-01F8B53DA005}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{8CA9ADD8-AC4B-4952-8376-156F768C5DAC}" = lport=10243 | protocol=6 | dir=in | app=system | "{9C1A91A0-42C7-4070-B8DB-AA425CC213DD}" = rport=445 | protocol=6 | dir=out | app=system | "{A14D167B-C5BD-44A5-9EB3-0E0EEC84958D}" = rport=138 | protocol=17 | dir=out | app=system | "{ADA59AF6-9120-4659-886D-FC8C3DAF13AD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B7125A1A-2B6A-4885-8A57-CD6D06A33F4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C8A952B0-14CB-43CA-87CE-BB8C53B21D2D}" = lport=2869 | protocol=6 | dir=in | app=system | "{D04F59F6-4E80-4635-B968-BDDD463AA573}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E3AA91DC-0312-4594-BB6A-B97B60062F48}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{EE3344F0-C72E-464D-8444-F1AA9931D2A8}" = lport=445 | protocol=6 | dir=in | app=system | "{F680A164-BDA8-4C14-BE5D-2A7626F16F58}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | "{F74F743B-030F-4DFF-93E9-BFB6AE1E80D9}" = lport=137 | protocol=17 | dir=in | app=system | "{FA99AA1A-E811-47A5-BBC0-5508A344AB1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FCD421DC-5C4F-4A90-B2CA-AFC66EB86E7C}" = rport=137 | protocol=17 | dir=out | app=system | "{FEB78CFF-83E8-4E7B-BB0A-BE22B027477F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F088756-99D4-4D75-9611-631FB03945E8}" = protocol=58 | dir=in | app=system | "{125C633F-8597-4F7B-82D0-97AF695ED2EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1EAFDF54-8068-456E-8F24-2801E3F4D876}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{1F80F768-7DE5-4C22-84DD-EB98A083696E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{24E21CD1-1074-495F-87D6-16CB10D14A7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{27A4B5C9-DCE8-4F76-95A2-A1B2E76FD103}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2F6046C4-434D-4E42-BBE4-1F079EF1D911}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3FAA6237-AD8F-422B-AA14-629E4EFC243D}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "{43D3A681-09E8-4C6B-B878-921C1BCA5BC2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{5236FC7B-9564-4005-94A3-0AE0D8EF144A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5354C3F8-F5D6-41E5-90FB-68822C1A2908}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "{573DB561-C2C6-4EE7-B526-37083134DA82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{648FB791-BF0B-4BCE-BCE8-14EAD9B6FD2B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{66503BE0-45EE-4907-8429-C4EA62D77D77}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6A7F4BD5-6B9A-4D6C-AAEA-FC8633E2AF83}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7D02963B-BC50-4923-B545-D52297E0FCBE}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "{7D369C83-0154-4B46-96C7-15CB04F6D87C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{839D4AE7-6DE1-441A-A41C-371721A24CF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8C13C50C-7725-4A61-902B-C50E7AF456FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8E987589-F9F8-46EF-9600-CE473FF362FC}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{941329ED-9467-4C31-A53D-A927D8A1CABD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{98767CA9-9D40-47E1-A078-A8AF9CCCCC44}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{9D2AE1DA-4250-46BD-8610-8C2631BA6467}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{9EF0172C-8A44-4A7E-9101-120675D380E0}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "{AD8FEFF7-1FAC-48C3-A133-C86DF27CC1EB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{AE9A21C7-885B-4B03-8F4F-BED76D063E6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B4E169FA-7832-4232-B6C2-6B619ECEE99A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BC29AC69-54A1-4363-9F17-2367E15F9332}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{BEA5FA8C-BD66-40F1-B147-6EE012F93EF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{C4F7796B-9332-4FBD-9605-002FEBD7F17C}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{C775EC2F-8098-4C27-82F3-0A169C4D9DC6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{CA5A5684-3640-46C9-BED6-B50ACC24C75D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{CECC9052-F9C9-4CEC-B2CB-EA9C9CB505E1}" = protocol=6 | dir=out | app=system | "{D23468A7-0004-4351-BAAA-A398191DB04D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{E49D7DB6-3C60-4BBB-ADA3-71AF1C032E93}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E8B84FA3-792C-4D96-BE8F-921FCCEE5326}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E912C654-8356-4F99-A172-24210B05E710}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{EE920AB9-3A25-41A7-BD94-C47F8C0471DA}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{EEC68A58-3F2E-44B3-BEF2-7BD3247B0D69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F03012E4-48B5-4418-9502-82CD1DBD9F8C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F9B4639B-8280-4714-925A-47EC052C891C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "TCP Query User{03E6E872-6407-4C8C-B4E0-61A2E3BAEAA8}E:\inne\denasty mt2\denasty mt2\denastymt2.exe" = protocol=6 | dir=in | app=e:\inne\denasty mt2\denasty mt2\denastymt2.exe | "TCP Query User{0E642D98-251E-47AF-9B7E-9572F4B5D5E8}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe | "TCP Query User{10FC4A1E-7945-4481-92AF-1DF7DAFC0E05}E:\gry\activision\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=e:\gry\activision\modern warfare 2\iw4mp.exe | "TCP Query User{270FDD42-58BF-4DA2-A308-F5E9C82561D0}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{32728465-AF7B-456D-8A4A-15EC86805FA7}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "TCP Query User{597C2ADF-370A-4149-AC59-BB73762929A7}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{7CA6100A-AEA1-4188-B94E-1ABB7ED4449A}I:\gry\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=i:\gry\battlefield 2\bf2.exe | "TCP Query User{95FBD144-1988-4BDF-BDB6-0AB98B8C2431}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "TCP Query User{A32C6F26-35D1-411E-BCE1-D31D61FCD709}E:\gry\activision\modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=e:\gry\activision\modern warfare 2\iw4mp.dat | "TCP Query User{A759AE78-6598-455B-AAD6-4B3CB08FC55C}E:\inne\lul\metin2-rising2.exe" = protocol=6 | dir=in | app=e:\inne\lul\metin2-rising2.exe | "TCP Query User{BC4C0796-DCD3-41EB-89C7-DF05B1F851D0}H:\inne\lul\metin2mod.exe" = protocol=6 | dir=in | app=h:\inne\lul\metin2mod.exe | "TCP Query User{D7C6E9AE-BAAD-4301-BCED-413280180278}E:\inne\denasty mt2\denasty mt2\mc.exe" = protocol=6 | dir=in | app=e:\inne\denasty mt2\denasty mt2\mc.exe | "TCP Query User{DAB9AEF5-F6E3-41E5-9F03-B88D00D00B0C}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{F8D711D6-3986-48C4-A178-4099FFD7BDA7}E:\inne\lul\denastymt2.exe" = protocol=6 | dir=in | app=e:\inne\lul\denastymt2.exe | "UDP Query User{04BEB999-2318-4E20-9E41-8746F372DC8D}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{18FF9BDF-0B24-4694-BA8B-23A7C81B1FCA}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{2BE64BA8-D0C7-41FB-967B-D11278C6FF00}E:\inne\denasty mt2\denasty mt2\mc.exe" = protocol=17 | dir=in | app=e:\inne\denasty mt2\denasty mt2\mc.exe | "UDP Query User{2D45669B-361F-49D9-8AAE-1514E86EB7BD}E:\gry\activision\modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=e:\gry\activision\modern warfare 2\iw4mp.dat | "UDP Query User{498465BC-A6DB-4119-A899-46DBF5169C80}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe | "UDP Query User{78783245-E737-48F1-BD12-EA16ECF09482}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "UDP Query User{8303A848-B46A-48B3-B570-E7BB1DA1ABA1}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "UDP Query User{A19336E8-735D-464A-946D-B106FBE8731C}I:\gry\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=i:\gry\battlefield 2\bf2.exe | "UDP Query User{AA45DD2D-0F7B-4E8B-8155-42B52E08E5FB}E:\inne\lul\denastymt2.exe" = protocol=17 | dir=in | app=e:\inne\lul\denastymt2.exe | "UDP Query User{AB1E4D39-6526-40EC-952E-1D21A3F6EB4D}E:\inne\denasty mt2\denasty mt2\denastymt2.exe" = protocol=17 | dir=in | app=e:\inne\denasty mt2\denasty mt2\denastymt2.exe | "UDP Query User{AB757846-64E3-405D-AABC-E4486BC6795D}E:\gry\activision\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=e:\gry\activision\modern warfare 2\iw4mp.exe | "UDP Query User{AEE8370B-4AFC-4783-B815-F9949001BEC2}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{C784B425-6A0C-4838-BA88-71052D70B8D8}E:\inne\lul\metin2-rising2.exe" = protocol=17 | dir=in | app=e:\inne\lul\metin2-rising2.exe | "UDP Query User{FF80FC38-81E8-43B2-A37B-386137118ED8}H:\inne\lul\metin2mod.exe" = protocol=17 | dir=in | app=h:\inne\lul\metin2mod.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0D98B285-0777-B3B7-7A3D-9C85422203B9}" = ccc-utility64 "{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit) "{418A8D89-B9AA-B872-5927-3D1A052CEAA8}" = AMD Media Foundation Decoders "{45CB0703-D49C-31B2-0DBD-FDD98D7DEF7A}" = AMD Drag and Drop Transcoding "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8924F1FE-8AC5-C2AE-59EF-C5D65B226933}" = AMD Catalyst Install Manager "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{D7647425-7A6F-4DC6-9F9A-71148AB424CD}" = ESET NOD32 Antivirus "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom Wireless Utility" = Broadcom Wireless Utility "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{06870F63-4D1C-171F-9552-368D3890D92F}" = CCC Help French "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{14CE04AF-0EBC-B865-382F-1FB466CAC301}" = CCC Help English "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1DBC5882-96E2-3A01-A32C-9B6F6EF6CF25}" = CCC Help Korean "{1F36B20F-7408-EC75-2825-E9FE81B0339D}" = CCC Help Norwegian "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{30DAAF05-3679-C10C-953C-BB422FCDF557}" = CCC Help Swedish "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{428536FB-25A0-8531-75EF-D7A7C340B0A4}" = Catalyst Control Center "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BA6B7C9-65AE-BE8B-687A-6F1A2D7F9705}" = CCC Help Czech "{4C8E1E1B-175F-AF47-8B21-E12C7C8B5D40}" = CCC Help Thai "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4EAF46A2-DB90-6B67-F640-5CC876A2B5C4}" = CCC Help Greek "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5D5B8455-50E0-F94A-4C82-0F9303BB4C0E}" = CCC Help Danish "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{7765BB73-D985-42C9-C7EE-AB434D59429F}" = CCC Help Chinese Traditional "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3 "{7ADFB885-8E98-6AAE-8687-D6EFB5127F6B}" = Catalyst Control Center Graphics Previews Common "{7F7C616E-6971-77D9-7D59-82DC35DF81AC}" = CCC Help Russian "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{897D8A5A-19CD-429D-9EA6-4FE5DB94C594}" = WebCam SCB-0350M "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90140000-00BD-0415-0000-0000000FF1CE}" = Język etykietek ekranowych pakietu Microsoft Office 2010 — polski "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9FA5B08F-9162-BCCB-AFAC-28DF1751BEC3}" = Catalyst Control Center Localization All "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{AF859F36-5F97-F6EC-A617-62771A8B4FDC}" = CCC Help Finnish "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BB095F3E-0A7D-7DD4-B2A8-47CB12E416B0}" = CCC Help Japanese "{BC71B06F-BFAE-6A73-091C-F18ACF00A04C}" = CCC Help Italian "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{BDCBA80C-A3BD-9DA5-E43F-EBBBE779C032}" = CCC Help Hungarian "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup "{CEEA6219-8792-3E40-D361-4FB5F0FBBB0F}" = CCC Help Portuguese "{CF053286-7F4C-CAFB-616B-58EC562BB28E}" = CCC Help Chinese Standard "{D07BB56A-7DB4-4564-A1F9-EBCE75FBE3C6}" = Catalyst Control Center InstallProxy "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3689EED-3943-9E90-1D65-D2246EB58AD1}" = CCC Help Turkish "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DBA5EE42-A143-A658-9F86-C611BFDBEFCA}" = CCC Help Dutch "{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding "{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EAF0F475-CFE2-9F4D-F26A-875FF09AD40E}" = CCC Help Spanish "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1F1CCD6-34FE-81C6-CE0C-F22695E6409F}" = CCC Help German "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F71A71E1-285C-95CE-A8F7-231E3827138E}" = CCC Help Polish "{F771F1D4-EDD4-4D68-82DC-811583C099CD}" = Easy Network Manager "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3 "ALLPlayer_is1" = ALLPlayer V5.X "Battlelog Web Plugins" = Battlelog Web Plugins "BitComet" = BitComet 1.31 "Counter-Strike 1.6" = Counter-Strike 1.6 "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESN Sonar-0.70.4" = ESN Sonar "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "foobar2000" = foobar2000 v1.1.11 "Gadu-Gadu 10" = Gadu-Gadu 10 "LogMeIn Hamachi" = LogMeIn Hamachi "Mafia II_is1" = Mafia II "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "nasz_album_is1" = nasz-album 3.1.1 "OnLive" = OnLive "OpenAL" = OpenAL "Photo Frame Studio_is1" = Photo Frame Studio "RealPlayer 15.0" = RealPlayer "SpeedFan" = SpeedFan (remove only) "The KMPlayer" = The KMPlayer (remove only) "uTorrent" = µTorrent "WinRAR archiver" = WinRAR 4.00 (32-bitowy) "yowindow" = YoWindow [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1351219184-3339560410-3426726786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-06-07 11:42:16 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 7042 Description = Error - 2012-06-07 11:42:16 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 9002 Description = Error - 2012-06-07 11:42:16 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 3029 Description = Error - 2012-06-07 11:42:31 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 3029 Description = Error - 2012-06-07 11:42:31 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 3028 Description = Error - 2012-06-07 11:42:31 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 3058 Description = Error - 2012-06-07 11:42:31 | Computer Name = 1-Komputer | Source = Windows Search Service | ID = 7010 Description = Error - 2012-06-07 16:45:37 | Computer Name = 1-Komputer | Source = EventSystem | ID = 4621 Description = Error - 2012-06-07 16:51:47 | Computer Name = 1-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error - 2012-06-07 16:52:13 | Computer Name = 1-Komputer | Source = Microsoft-Windows-EapHost | ID = 2002 Description = Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=13, identyfikator autora=0, identyfikator dostawcy=0, typ dostawcy=0 [ Broadcom Wireless LAN Events ] Error - 2012-04-21 02:06:19 | Computer Name = 1-Komputer | Source = WLAN-Tray | ID = 0 Description = 08:06:18, Sat, Apr 21, 12 Error - Unable to gain access to user store [ System Events ] Error - 2012-06-07 16:57:11 | Computer Name = 1-Komputer | Source = atapi | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0. Error - 2012-06-07 16:57:11 | Computer Name = 1-Komputer | Source = atapi | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0. Error - 2012-06-07 16:57:11 | Computer Name = 1-Komputer | Source = atapi | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0. Error - 2012-06-07 16:58:30 | Computer Name = 1-Komputer | Source = Service Control Manager | ID = 7022 Description = Usługa Konstruktor punktów końcowych audio systemu Windows zawiesiła się podczas uruchamiania. Error - 2012-06-07 16:59:37 | Computer Name = 1-Komputer | Source = Microsoft-Windows-Eventlog | ID = 23 Description = Usługa rejestrowania zdarzeń napotkała błąd (zasób=1117) podczas inicjowania zasobów rejestrowana dla kanału Microsoft-Windows-User Profile Service/Operational. Error - 2012-06-07 16:59:37 | Computer Name = 1-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Audio zależy od usługi Konstruktor punktów końcowych audio systemu Windows, której nie można uruchomić z powodu następującego błędu: %%1070 Error - 2012-06-07 16:59:37 | Computer Name = 1-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Konstruktor punktów końcowych audio systemu Windows zakończyła działanie; wystąpił następujący błąd: %%999 Error - 2012-06-07 16:59:52 | Computer Name = 1-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Eset Trial Reset. Error - 2012-06-07 16:59:52 | Computer Name = 1-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Eset Trial Reset z powodu następującego błędu: %%1053 Error - 2012-06-07 17:01:29 | Computer Name = 1-Komputer | Source = WMPNetworkSvc | ID = 866300 Description = < End of report >