OTL Extras logfile created on: 2012-06-11 10:02:34 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\BJ11008\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,93 Gb Total Physical Memory | 6,07 Gb Available Physical Memory | 76,54% Memory free
15,86 Gb Paging File | 13,87 Gb Available in Paging File | 87,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 58,15 Gb Free Space | 59,61% Space Free | Partition Type: NTFS
Drive D: | 423,70 Gb Total Space | 379,85 Gb Free Space | 89,65% Space Free | Partition Type: NTFS
Drive E: | 410,16 Gb Total Space | 405,03 Gb Free Space | 98,75% Space Free | Partition Type: NTFS

Computer Name: BJ11008-BJ11008 | User Name: BJ11008 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2856585695-615309407-1522262835-1000\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" = C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe:*:Enabled:ipsec
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" = C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe:*:Enabled:ipsec -- (DeviceVM, Inc.)
"D:\Gry\Cs\Steam.exe" = D:\Gry\Cs\Steam.exe:*:Enabled:ipsec -- (Valve Corporation)
"D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:ipsec -- (GG Network S.A.)
"C:\ComboFix\NircmdB.exe" = C:\ComboFix\NircmdB.exe:*:Enabled:ipsec "C:\Program Files (x86)\AVG Secure Search\vprot.exe" = C:\Program Files (x86)\AVG Secure Search\vprot.exe:*:Enabled:ipsec -- () "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation) "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" = C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe:*:Enabled:ipsec "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" = C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe:*:Enabled:ipsec -- (DeviceVM, Inc.) "D:\Gry\Cs\Steam.exe" = D:\Gry\Cs\Steam.exe:*:Enabled:ipsec -- (Valve Corporation) "D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:ipsec -- (GG Network S.A.) "C:\ComboFix\NircmdB.exe" = C:\ComboFix\NircmdB.exe:*:Enabled:ipsec "C:\Program Files (x86)\AVG Secure Search\vprot.exe" = C:\Program Files (x86)\AVG Secure Search\vprot.exe:*:Enabled:ipsec -- () "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F5A5E57-92FA-4D35-BD2C-920477CCAAEA}" = rport=445 | protocol=6 | dir=out | app=system | "{1EBD9FDB-9B71-4CB4-ADAC-BD3F84BA6F1F}" = lport=2869 | protocol=6 | dir=in | app=system | "{247BAFCA-66EB-4EB8-AFBC-484F0C4C6D1A}" = rport=138 | protocol=17 | dir=out | app=system | "{2C0039BC-3CB2-43C6-A18A-FA2994BE0255}" = lport=10243 | protocol=6 | dir=in | app=system | "{380F6C9E-301C-45F7-8A5E-81F4958C5A64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3D859248-95C9-4317-92A0-796A980431BB}" = lport=138 | protocol=17 | dir=in | 
app=system | "{45D81675-7271-4085-B99A-B90C99130D55}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5044972F-890A-4B76-AF3E-970DE7C5A910}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5F4354EF-E0F6-48F3-8E44-441581F73648}" = lport=445 | protocol=6 | dir=in | app=system | "{698CF4D5-050A-49CE-AFBA-2AAE0FE2EC35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7A582586-B992-46B4-ABB3-5E4FB06EB109}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{81A2871F-08C8-4504-A69D-8DA35155B0F7}" = rport=137 | protocol=17 | dir=out | app=system | "{82E2A93F-62D6-4DDE-AD47-90CE2A819BBA}" = rport=10243 | protocol=6 | dir=out | app=system | "{86CE8311-92E0-4282-84A9-76FECD020CD1}" = rport=139 | protocol=6 | dir=out | app=system | "{96F94573-8F07-405B-AFF6-622AB92E5AFC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9EFA1664-BD03-4F58-8678-8BD719A0EE02}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C541D22D-80C4-47DB-882D-9D386B833A23}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D3097988-1074-4337-A217-D89C6AB46A86}" = lport=137 | protocol=17 | dir=in | app=system | "{D311C498-C7CB-4F88-9E11-86493D9DB577}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E6C9D6D4-F66B-4622-BC66-6D20B75074BC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EC20DFC9-22F8-4CA1-977B-E48C28070C6D}" = lport=139 | protocol=6 | dir=in | app=system | "{F72E69C4-3E93-48A4-A531-77D00312342F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FD97E1FB-A757-462F-A059-A4C70B5C3AFC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | 
name=@firewallapi.dll,-28539 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08F15A48-6E35-470F-835A-68AB66A43935}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0CD6317E-9C28-4C6F-BFB5-3FD6653239F9}" = protocol=17 | dir=in | app=d:\gry\cs\steam.exe | "{0FDD2FCB-A0EE-49F8-BB59-D53076E03B2A}" = protocol=6 | dir=in | app=d:\programy\utorrent.exe | "{123C07C6-DEE9-4C3A-B5C8-0AAF4DA105E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1D3F0FFF-F623-4CD2-BC94-EAD3F55E4BD2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{1EF1870B-517D-4192-A1AE-E21B0BA742DF}" = protocol=17 | dir=in | app=d:\programy\utorrent.exe | "{25B5A56F-62C2-49CB-AAC8-613674752FD1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{2D4FE485-5308-4068-8D34-F137896E8EE4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{31BF2CAF-2B6C-40C3-9613-FFDC4ADC1845}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{39D95F1A-C273-49F8-AA5E-BB22CB8B46F0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{3DDFBDBC-DA80-4B73-9D81-8A0C465FE2F3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3E2437E5-E82C-4EFB-892D-40DDB77B8D52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{40FA949E-EB9F-4901-97C8-C5CD6C4A47A4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{46D244B7-6E67-489C-AED3-658FF45FAF12}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{46D26D32-9604-4F15-AB12-06E9572F964C}" = protocol=17 | dir=in | app=d:\gry\gta 4\grand theft auto iv\launchgtaiv.exe | "{4821288E-E56C-48D7-A166-7FEE53F83DDF}" = protocol=17 | dir=in | 
app=c:\windows\syswow64\pnkbstra.exe | "{5A2F3E7E-DD79-475E-8B24-AC496C73C7B1}" = protocol=17 | dir=in | app=d:\gry\cs\steamapps\g7012858\counter-strike\hl.exe | "{5D5C7B5B-EF5A-4948-A1AC-959AB3A19872}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{5DF1C6BC-963C-42F2-AE6C-37C37480DBC5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{68DE6EA7-C214-4CAA-B3DF-D89A4B3A4246}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6C293953-E026-45B5-928A-6AB170109601}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6D79FE5B-3330-4A5C-978A-6882E94005A6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | "{7321F5BA-842F-40B9-99D5-6FFFC2CED5CE}" = protocol=6 | dir=in | app=c:\users\bj11008\downloads\sweetimsetup.exe | "{741032CA-4842-4B25-9DBC-9A0C6734DDD5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{76B728EE-3D92-40D7-8B70-7CA58209346D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{77F6CA8D-9DA9-47E0-B6EA-14FE6599ECD8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{7DB89860-ACEC-43B5-9EE2-9187B9A53501}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8251F180-9561-46CF-AE63-61881CA5DFDB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{85BB428B-C726-4C33-94C6-E47CF7924E49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8901DEB1-774D-46DF-B647-87C58636AACA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{8EBE2120-419C-4231-BFE5-D0643343E9A4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{97A17FA1-52E5-46E5-929A-4FC2058C0655}" = protocol=6 | dir=in | app=d:\gry\cs\steam.exe | "{9D488060-279A-48D2-A107-E8E548144E08}" = protocol=6 | dir=out | app=system | 
"{9E85DECE-A0F3-45B1-9555-4E4077497FCF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A0D53070-B0F9-4AB7-8837-DD93FA159607}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A312FF8B-AC8B-466D-B641-F692AAD690B6}" = protocol=17 | dir=in | app=d:\gry\gta 4\rockstar games social club\rgsclauncher.exe | "{A4DD79B1-C225-46F3-8E48-F50D0A9602E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A79E05A5-F167-4BEB-AACE-427FB5647D98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC6CB1FC-CBFB-49F6-8A3E-40BC31004BA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AD12DE96-ED6F-49B2-9954-0D3E7C65F7DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{BC79188A-0E12-4B39-B6DE-6A8B5EAA2016}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{C593DCA4-2452-4FBF-9A1D-F395819E5233}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{C6DBA5AC-3432-4886-80CC-78FBB15CE58C}" = protocol=6 | dir=in | app=d:\gry\gta 4\grand theft auto iv\launchgtaiv.exe | "{CAA8B249-AD73-41D2-878C-AB39ED977CA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CD909E1B-9A26-4961-A342-F51B0E299AA0}" = protocol=17 | dir=in | app=c:\users\bj11008\downloads\sweetimsetup.exe | "{CE87481B-B8BE-41D7-B8E2-2E472AE7AD91}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{D309A769-D96B-4D52-A9D9-D0F5B38DEF5E}" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "{DF2C4086-3B9C-453A-A445-8D87ACF9A659}" = protocol=6 | dir=in | app=d:\gry\cs\steamapps\g7012858\counter-strike\hl.exe | "{DFB81EA3-8D97-4A19-B8F1-72A11845949D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E88B330B-14D6-41A1-BF8E-6189EDCBC67A}" = protocol=6 | dir=in | app=d:\gry\gta 4\rockstar games social club\rgsclauncher.exe | 
"{ED4DEC64-2D93-4942-98A6-41A1A7A69143}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{F5BD97D2-8D4E-45FC-A2B3-EBFB041886CF}" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "{F98A4E37-11C5-4A5C-9748-5DECFE21B00A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{FF3A221A-4E98-4C1A-A2E4-96256A4219D2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "TCP Query User{09959B22-DD52-4217-9534-7029E50D39EF}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{29242CCC-CA69-4F7E-BCA3-F161DBBD6F93}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe | "TCP Query User{36CA3718-66AD-4909-8284-94C2AE875376}D:\programy\mirc\mirc.exe" = protocol=6 | dir=in | app=d:\programy\mirc\mirc.exe | "TCP Query User{3C56E936-89D3-449F-93A9-7A2EEFE048E7}C:\users\bj11008\desktop\theeye\theeye.exe" = protocol=6 | dir=in | app=c:\users\bj11008\desktop\theeye\theeye.exe | "TCP Query User{3E3587FA-198C-4DD3-B92C-95A0CFBA83FE}D:\gry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta 4\grand theft auto iv\gtaiv.exe | "TCP Query User{43972D12-C4F3-4AA9-A3CF-C2651ECE54B3}D:\gry\nfs\nfssss\need for speed underground 2\speed2.exe" = protocol=6 | dir=in | app=d:\gry\nfs\nfssss\need for speed underground 2\speed2.exe | "TCP Query User{69CCF25F-B66C-405A-818F-B1EE10BEEF8B}D:\programy\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "TCP Query User{72D321BB-3E21-4016-8FE8-EF3669396599}D:\gry\medal of honor\mohaa.exe" = protocol=6 | dir=in | app=d:\gry\medal of honor\mohaa.exe | "TCP Query User{77AC6847-8D08-454E-B114-FB4C70F172A4}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query 
User{8E8360D6-06B9-4C1F-BCFA-624674D0E557}C:\users\bj11008\desktop\metka\start.exe" = protocol=6 | dir=in | app=c:\users\bj11008\desktop\metka\start.exe | "TCP Query User{952C0449-72D2-4EBB-8EAC-54CE9FD3749E}C:\users\bj11008\desktop\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\bj11008\desktop\left 4 dead 2\left4dead2.exe | "TCP Query User{B667CFF1-2E08-43BB-AD3A-249049254583}D:\gry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta 4\grand theft auto iv\gtaiv.exe | "TCP Query User{C0A33699-EBB0-4E0A-89EC-FC3C737D1F54}D:\gry\stranglehold\binaries\retail-stranglehold.exe" = protocol=6 | dir=in | app=d:\gry\stranglehold\binaries\retail-stranglehold.exe | "TCP Query User{FF14026C-8D2A-480C-9285-1221BEB7C84B}D:\programy\torrius\engine\torreador.exe" = protocol=6 | dir=in | app=d:\programy\torrius\engine\torreador.exe | "UDP Query User{0CC7CB65-0FD4-428B-9FC1-1AAB8ECFFED6}D:\programy\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "UDP Query User{13F2D034-C3A1-4383-8883-C3C3AA43D853}D:\gry\stranglehold\binaries\retail-stranglehold.exe" = protocol=17 | dir=in | app=d:\gry\stranglehold\binaries\retail-stranglehold.exe | "UDP Query User{22EB398C-6D83-43F8-B63D-665B038791A1}D:\programy\torrius\engine\torreador.exe" = protocol=17 | dir=in | app=d:\programy\torrius\engine\torreador.exe | "UDP Query User{34558551-10D0-452A-9ADF-D2C72D773E01}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{4216707B-29D9-4439-8ECF-9C874CE333E8}D:\programy\mirc\mirc.exe" = protocol=17 | dir=in | app=d:\programy\mirc\mirc.exe | "UDP Query User{6F9D9B2A-3ECB-4B14-AEC7-BA08231DB57E}D:\gry\medal of honor\mohaa.exe" = protocol=17 | dir=in | app=d:\gry\medal of honor\mohaa.exe | "UDP Query User{7975FF1C-CD1D-40EB-B726-82F2D5F7CC13}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query 
User{AEB6141D-8EF0-450B-AAD7-6ADE0F950EAD}C:\users\bj11008\desktop\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\bj11008\desktop\left 4 dead 2\left4dead2.exe | "UDP Query User{C322BEF1-0E7F-4C7B-98BD-94056DC508AE}C:\users\bj11008\desktop\metka\start.exe" = protocol=17 | dir=in | app=c:\users\bj11008\desktop\metka\start.exe | "UDP Query User{CB8B115E-450A-4D93-A6F5-63BC2E30BA19}C:\users\bj11008\desktop\theeye\theeye.exe" = protocol=17 | dir=in | app=c:\users\bj11008\desktop\theeye\theeye.exe | "UDP Query User{CECE0A4D-DF8E-4CB4-AC0F-012166022A54}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe | "UDP Query User{E046D583-F999-4772-8A3D-CF00F0238944}D:\gry\nfs\nfssss\need for speed underground 2\speed2.exe" = protocol=17 | dir=in | app=d:\gry\nfs\nfssss\need for speed underground 2\speed2.exe | "UDP Query User{EAB1A74E-1213-49A9-9170-B34221416022}D:\gry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta 4\grand theft auto iv\gtaiv.exe | "UDP Query User{ED936FFB-1A62-4101-ABF5-BE803D551F2E}D:\gry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta 4\grand theft auto iv\gtaiv.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{857B32C1-7C87-40B5-B2A5-D06F49B80002}" = AVG 2012 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = 
Microsoft_VC90_CRT_x86_x64 "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 301.42 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.16.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "AVG" = AVG 2012 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = 
Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B973521-269F-11E1-8ED3-F04DA23A5C58}" = MSVCRT Redists "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar "{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1 "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0521.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skoki Narciarskie 2002 "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling 
Dictionaries Support For Adobe Reader 9 "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B09.1014.2 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Gadu-Gadu 10" = Gadu-Gadu 10 "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0521.1 "InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B09.1014.2 "Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0 "mobilewitch Toolbar" = mobilewitch Toolbar "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Need for Speed Underground 2" = Need for Speed Underground 2 "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Steam App 10" = Counter-Strike "SwitchOff" = Switch Off "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "uTorrentBar Toolbar" = uTorrentBar Toolbar "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-03-20 04:57:47 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = Error - 2012-03-20 
05:12:14 | Computer Name = BJ11008-BJ11008 | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-03-20 09:11:29 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = Error - 2012-03-20 16:49:21 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = Error - 2012-03-20 17:21:23 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = Error - 2012-03-20 17:34:58 | Computer Name = BJ11008-BJ11008 | Source = Application Hang | ID = 1002 Description = Program ZeusMu.exe w wersji 1.4.10.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: f54 Godzina rozpoczęcia: 01cd06e12a37474d Godzina zakończenia: 37 Ścieżka aplikacji: C:\Users\BJ11008\Desktop\ZeusMu\ZeusMu.exe Identyfikator raportu: 891f99fa-72d4-11e1-a6df-1c6f65ab2930 Error - 2012-03-20 18:41:07 | Computer Name = BJ11008-BJ11008 | Source = Application Hang | ID = 1002 Description = Program ZeusMu.exe w wersji 1.4.10.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. 
Identyfikator procesu: 1390 Godzina rozpoczęcia: 01cd06ea7de888cf Godzina zakończenia: 38 Ścieżka aplikacji: C:\Users\BJ11008\Desktop\ZeusMu\ZeusMu.exe Identyfikator raportu: c70b4410-72dd-11e1-a6df-1c6f65ab2930 Error - 2012-03-21 04:31:51 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = Error - 2012-03-21 05:26:05 | Computer Name = BJ11008-BJ11008 | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-03-21 05:45:10 | Computer Name = BJ11008-BJ11008 | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-06-10 13:43:53 | Computer Name = BJ11008-BJ11008 | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2012-06-10 13:45:21 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2012-06-10 13:47:26 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7023 Description = Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-06-10 13:50:03 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%31 Error - 2012-06-11 03:39:06 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. 
Error - 2012-06-11 03:40:31 | Computer Name = BJ11008-BJ11008 | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2012-06-11 03:40:31 | Computer Name = BJ11008-BJ11008 | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2012-06-11 03:50:53 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2012-06-11 03:52:05 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7023 Description = Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-06-11 03:53:57 | Computer Name = BJ11008-BJ11008 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%31 < End of report >