OTL Extras logfile created on: 08/05/2012 00:17:06 - Run 1 OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Konrad\Desktop\virus 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy 3.75 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 42.74% Memory free 3.75 Gb Paging File | 1.59 Gb Available in Paging File | 42.37% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48.83 Gb Total Space | 3.20 Gb Free Space | 6.55% Space Free | Partition Type: NTFS Drive D: | 249.26 Gb Total Space | 47.41 Gb Free Space | 19.02% Space Free | Partition Type: NTFS Drive G: | 2.39 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: KONRAD-PC | User Name: Konrad | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-3980614339-2760232429-1947205064-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "C:\Program Files (x86)\ChomikBox\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{070DD9A6-BFBC-45FD-8528-FA2DE7CA28FE}" = lport=137 | protocol=17 | dir=in | app=system | "{0D5ACF5E-87D1-4E87-BCF6-8FD80DB6BC15}" = rport=445 | protocol=6 | dir=out | app=system | "{154DAE49-768A-4DC7-AFFF-937573DB6D58}" = lport=138 | protocol=17 | dir=in | app=system | "{166C4076-F1A3-4FC1-B78F-A118E108EADC}" = lport=445 | protocol=6 | dir=in | app=system | "{3F1753D2-232F-4ED0-9E52-185310D4D067}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{44033767-AC92-4E73-920E-C01F26ABC7A0}" = lport=139 | protocol=6 | dir=in | app=system | "{48CCA091-FBEE-4152-BD53-CE4A65766CCB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{4BF8DDE2-B8B4-4311-8804-36A19B30E2E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4E09B561-91E3-48A8-B376-3FA2766DB661}" = lport=2869 | protocol=6 | dir=in | app=system | "{655A3A7D-BD0F-42DE-AE08-DE3E73A0CA8D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6C87F813-8A63-4FC5-968C-44AEB020C6C7}" = lport=10243 | protocol=6 | dir=in | app=system | "{783F9A4F-EFCC-4AFF-8802-40DDE2B46DCA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{84CE7361-6449-419D-86D6-B3BFF7C8A737}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AE5B5208-B30D-4F91-B12F-16BACF2274E6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BB97E7E5-473A-45C4-A8FF-6F0BF51DF963}" = rport=137 | protocol=17 | dir=out | app=system | "{BE113049-3FD8-4946-A3A9-42F15934BBFE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CACC3C19-A67B-4C7D-A20F-172248875846}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CB1483F8-3630-45C4-A7F6-E5589F8539FD}" = rport=10243 | protocol=6 | dir=out | app=system | "{DBBFD8F0-E215-4703-8C41-D59E3924E362}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E0F7AE9E-5276-448D-B4C3-06AFF3C528A7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E18FC7A6-8CBB-4751-A8D2-95485310B16D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E1FE5FA3-3C8C-4B54-BAC3-6C8D02119828}" = rport=138 | protocol=17 | dir=out | app=system | "{E82F9119-08BD-4A76-982D-6409E7E93BDD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{EC9DDCF0-278A-41AA-BC48-678664775251}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0705647A-7A37-4551-BCDA-7CA06F5D96B2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{0C16D196-9081-4765-92ED-19A70ED73DB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{109F7521-4332-49CE-888F-73C2B5C7C781}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{15B94516-DA4E-494B-BEB0-F56E558EEA3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1BFBC7E9-2BF7-4B10-90CA-9CBC50F3C59E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{1C8450C0-B305-4352-B679-7433AD2B3619}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{20AE0FD3-980C-43F8-9E9E-B901B83D0676}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{262C3644-0316-4BAE-81BE-82E280B52C8B}" = protocol=6 | dir=out | app=system | "{27ADCC39-C79E-45C0-A662-BFC03D1D736C}" = protocol=17 | dir=in | app=c:\program files (x86)\planet ip wizard ii\ipwizardii.exe | "{2CB09C04-83AD-46F0-9356-5BFF9B0E9CE0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3395114F-6329-4438-AABD-7AE2C65E5F38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{44FDC262-59B0-491C-AE55-ADE01B46DF33}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{57321DB7-67F7-406E-8BE9-B405DC3D9FC2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5B93A96F-456B-4FB5-8E28-D5B935C90C64}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E25A2FF-F5C4-473F-97DF-CE1DAB01A7ED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5EF26753-59A6-4CC8-9E3B-6C138AA88E65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{610A1929-DE83-4C0F-A3F5-4BBF0A5A8B0E}" = protocol=17 | dir=in | app=c:\program files (x86)\ultravnc\vncviewer.exe | "{670B00E9-CDBA-4130-806C-DE6A8ACDC2C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{674445E3-85D0-41C9-927A-91F7D062F26A}" = protocol=17 | dir=in | app=c:\program files (x86)\planet ip wizard ii\ipwizardii.exe | "{6E7EF38A-768F-451C-8501-36F1E778648A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{72EB82DF-568A-4EB2-B6F4-D653AFD64580}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{75695BA8-8C62-458C-98E2-00A649DFE59A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{767912A8-DB52-4B23-85F8-75121AFD94D2}" = protocol=6 | dir=in | app=d:\gry\steam\steam.exe | "{7AF07802-F53B-4D21-B86A-5E07FA7C78F2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8022A23E-EE30-447D-9064-8A505A756101}" = protocol=6 | dir=in | app=c:\program files (x86)\planet ip wizard ii\ipwizardii.exe | "{80EDCECA-4D89-4C2E-AE2E-0AB7298CE848}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{81801BB3-86B0-46C4-A61B-5438D0E867F1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{847727F0-782E-4A12-BC16-645AE868E7B0}" = protocol=6 | dir=in | app=c:\program files (x86)\ultravnc\vncviewer.exe | "{869AB752-5FD1-44F6-82B3-6E67A09A612D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A198E30E-D77B-4D26-9105-0BFE55117806}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A9F8BFBA-406B-4B2A-ADDD-6973033AFCCC}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | "{B0864863-59C5-4038-B3AC-572C15DBD3F2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{B7D3955D-4A3D-42B9-AD7E-B1F06B8DBA06}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C3C624F7-D5A5-4047-BF6A-500621DD2616}" = protocol=6 | dir=in | app=c:\program files (x86)\planet ip wizard ii\ipwizardii.exe | "{C8F88EDE-88D0-4FD8-9599-43A6D3A2B82B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{CE750B3F-6A6C-44FC-875E-C7E803167D3E}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | "{D9A12F9E-3FA2-4839-A4B7-5D633434962B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{DD684CE6-6B6E-46C3-9595-599FA95C6185}" = protocol=17 | dir=in | app=d:\gry\steam\steam.exe | "{ED1D40F7-45D5-4420-8D7C-FC9F85D6C6B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F1AC624F-BA45-4E54-A6D6-D92AE36D7FEB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{13F39DAA-0EEC-4087-8853-D8D791E3BEEF}C:\program files (x86)\cisco packet tracer 5.3.2\bin\packettracer5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cisco packet tracer 5.3.2\bin\packettracer5.exe | "TCP Query User{29B9D244-AE63-4B2C-A598-FA1ADE3C20DB}D:\gry\deadspace\dead space.exe" = protocol=6 | dir=in | app=d:\gry\deadspace\dead space.exe | "TCP Query User{475511CA-8C90-4355-93DC-18B386CA5E98}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query User{5B79C828-D334-4DA1-8E69-6804ADAA55BA}D:\gry\witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\witcher 2\bin\witcher2.exe | "TCP Query User{7ADA47FF-3834-4DDB-90C2-D3A4AA1C1A85}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{824689F9-353C-4E2E-A716-58DEBEA045FD}C:\program files (x86)\prettymaybasic\prettymay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\prettymaybasic\prettymay.exe | "TCP Query User{8AA8841B-7506-4F5F-A3D3-877F04DB676E}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query User{8FCA7CDD-DDF2-4DF0-BA63-4BA5CDEDE369}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "TCP Query User{C91DF15E-8EE6-413A-8A0D-B91BC82B84A1}D:\gry\sl\slvoice.exe" = protocol=6 | dir=in | app=d:\gry\sl\slvoice.exe | "TCP Query User{D2957E88-8C81-4E00-B483-CDDDC795112D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{0C86EBD2-C55D-4ECC-8484-F29A1B2C8A13}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{1004CC9B-AB8A-4BF6-A2BE-013181A14668}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{2E2F2B94-AAD7-4577-9C79-4DC4DD87BBFB}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "UDP Query User{37C18E86-6BED-49F3-B5BD-19EF69E781F3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{6329A8BA-8E67-453C-9644-CDE341635164}D:\gry\witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\witcher 2\bin\witcher2.exe | "UDP Query User{8485361C-24DE-42D8-BE0B-E4EAB09268E2}D:\gry\sl\slvoice.exe" = protocol=17 | dir=in | app=d:\gry\sl\slvoice.exe | "UDP Query User{CC438172-FBE4-40D5-AD68-A9EC66380BE1}C:\program files (x86)\cisco packet tracer 5.3.2\bin\packettracer5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cisco packet tracer 5.3.2\bin\packettracer5.exe | "UDP Query User{DDFD4993-8D27-473A-93A1-3A19AEA50CF0}C:\program files (x86)\prettymaybasic\prettymay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\prettymaybasic\prettymay.exe | "UDP Query User{DF00D911-2558-4D54-B4C9-7287AEBE112B}D:\gry\deadspace\dead space.exe" = protocol=17 | dir=in | app=d:\gry\deadspace\dead space.exe | "UDP Query User{E87E32F4-FE3C-41D7-A0AA-4A0176A21FAB}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0031FC73-643E-19DB-0A34-F7FF70B2F1E7}" = ccc-utility64 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64 "{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit "{347F1DAD-AFF5-4F68-84F5-69AEB3EE1D24}" = Microsoft Deployment Toolkit 2010 Update 1 (5.1.1642.01) "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{72DECC0F-58E0-0618-C857-43B4D3DB7B75}" = AMD Catalyst Install Manager "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{B328C018-B179-9A7C-C049-FC079607B10E}" = AMD Fuel "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client PL-PL Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "EPSON Stylus SX200 Series" = Odinstaluj drukarkę EPSON Stylus SX200 Series "HashTab" = HashTab 4.0.0.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011 "{13557DA4-3AB0-DB9B-B746-1BE901DEC60D}" = AMD VISION Engine Control Center "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29 "{34962E5E-FAC1-D8DF-7070-AA2B58971E31}" = Catalyst Control Center Graphics Previews Common "{44863FE1-AE61-4C81-9BF6-FBC467785D32}" = Taito Legends "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6F23A5FE-CFE7-4340-A480-AA9AC196E9AB}" = ChomikBox "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A85DF75-64F2-4352-9534-8A76F8C1E511}_is1" = The Official Driver Theory Test (4th Edition, Revised May 2009) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9 "{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1" = PSD Viewer "{DAABB60F-D2CB-ADC0-6FA7-8B2BB0A78CDA}" = Catalyst Control Center InstallProxy "{DDFAA49C-2B1D-4808-B43A-4AAFF0475B04}" = Plus Pack for Acronis True Image Home 2012 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Bridge Builder PL" = Bridge Builder PL "Cheat Engine 6.1_is1" = Cheat Engine 6.1 "Cisco Packet Tracer 5.3.2_is1" = Cisco Packet Tracer 5.3.2 "DAEMON Tools Lite" = DAEMON Tools Lite "Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON Scanner" = EPSON Scan "ESET Online Scanner" = ESET Online Scanner v3 "Fallout" = Fallout "Fallout 2_is1" = Fallout 2 "Fraps" = Fraps "ImgBurn" = ImgBurn "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń "JDownloader" = JDownloader "KViewCenter" = KViewCenter "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "NirSoft BlueScreenView" = NirSoft BlueScreenView "nLite_is1" = nLite 1.4.9.1 "Opera 11.62.1347" = Opera 11.62 "Pontifex" = Pontifex "PrettyMay Call Recorder for Skype - Basic" = PrettyMay Call Recorder for Skype - Basic 4.0.0.226 "RealVNC_is1" = VNC Free Edition 4.1.3 "SecondLifeViewer" = SecondLifeViewer (remove only) "SpeedFan" = SpeedFan (remove only) "Steam App 220" = Half-Life 2 "Steam App 420" = Half-Life 2: Episode Two "SubEdit-Player_is1" = SubEdit-Player "TeamViewer 7" = TeamViewer 7 "Tibia_is1" = Tibia "UltraISO_is1" = UltraISO Premium V9.36 "Ultravnc2_is1" = UltraVnc "Universal Extractor_is1" = Universal Extractor 1.6.1 "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 07/05/2012 17:31:08 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 17:31:13 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:31:49 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:31:54 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:31:56 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:31:56 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:31:59 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:32:00 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:32:01 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 07/05/2012 18:32:01 | Computer Name = Konrad-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . [ System Events ] Error - 07/05/2012 10:21:05 | Computer Name = Konrad-PC | Source = atapi | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0. Error - 07/05/2012 10:21:05 | Computer Name = Konrad-PC | Source = atapi | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0. Error - 07/05/2012 10:21:28 | Computer Name = Konrad-PC | Source = volsnap | ID = 393230 Description = Kopie w tle woluminu C: zostały przerwane z powodu usterki We/Wy w woluminie C:. Error - 07/05/2012 12:38:51 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:44 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:44 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:44 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:45 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:45 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error - 07/05/2012 12:47:50 | Computer Name = Konrad-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. < End of report >