OTL Extras logfile created on: 2012-07-06 19:21:36 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = D:\ 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 3,60 Gb Available Physical Memory | 90,50% Memory free 7,96 Gb Paging File | 7,59 Gb Available in Paging File | 95,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,73 Gb Total Space | 13,14 Gb Free Space | 26,97% Space Free | Partition Type: NTFS Drive D: | 1019,73 Mb Total Space | 218,64 Mb Free Space | 21,44% Space Free | Partition Type: FAT Drive E: | 100,71 Gb Total Space | 0,10 Gb Free Space | 0,10% Space Free | Partition Type: NTFS Drive F: | 488,99 Gb Total Space | 0,02 Gb Free Space | 0,01% Space Free | Partition Type: NTFS Drive G: | 292,97 Gb Total Space | 0,41 Gb Free Space | 0,14% Space Free | Partition Type: NTFS Computer Name: GINUS-PC | User Name: ginus | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4055189391-1973898314-2478451747-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00320F8F-3C55-4F41-9DD0-63F59F8BDD9C}" = lport=3389 | protocol=6 | dir=in | app=system | "{049C81A1-8DF3-4CDC-B7BF-0B0A23A5F7D6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{04EDF624-E3C8-44D0-A789-1AF4B24957CC}" = lport=2869 | protocol=6 | dir=in | app=system | "{170B97F8-921F-4EE8-B1F5-C9E0D11828D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{20F4F657-C3C5-46C5-A1C5-D57B9CB3E3FB}" = lport=138 | protocol=17 | dir=in | app=system | "{29524FCF-A983-4358-A5CB-C1F284A6F15F}" = rport=137 | protocol=17 | dir=out | app=system | "{2B9CACA6-5D9D-47D7-97C9-A485E129A664}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{32901B4E-C619-4538-AE1A-47D4FDA1208D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3627D590-D849-4A15-9854-AB1123B1A8A2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3BB8E3ED-8609-4AEB-A7CE-862ADBC558FC}" = lport=10243 | protocol=6 | dir=in | app=system | "{4DEC3E49-6C39-4C1F-BA22-4BD7FEC50682}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5076567F-1AB1-4289-BB64-638ED7168C5C}" = rport=445 | protocol=6 | dir=out | app=system | "{6E7B76EC-D855-4ACD-B271-01686499556F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{738441B4-DA73-46CA-9187-5DEEE9806754}" = rport=138 | protocol=17 | dir=out | app=system | "{7D5C1E06-2377-4E0A-936E-B8CB90226819}" = rport=10243 | protocol=6 | dir=out | app=system | "{8B962407-519A-43C9-ADCF-A6BD92254E5F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A8EBAC90-EB6A-4D38-939A-BEE00E6FF3A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{ADEC4BA8-7E9E-47E4-A4C0-8F04311EDF21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B1D2C949-1540-47A0-B41D-24F7A6ABF180}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B6B3DB3F-D0D9-4ACD-BEE3-A8191CF84086}" = rport=139 | protocol=6 | dir=out | app=system | "{BDA0E124-7D49-45EA-8A78-8CFC7B7BA0F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BE8EC2C3-2074-4F14-A022-BE8E4F81B25E}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe | "{E61C97F6-FB2A-4538-A79B-B389CD3F43EA}" = lport=139 | protocol=6 | dir=in | app=system | "{E9FA8B08-26DD-44B1-BCA2-9BD75012B8F0}" = lport=445 | protocol=6 | dir=in | app=system | "{FA80749B-7116-4704-BBC8-E1DA4BF751AF}" = lport=137 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0024DB7E-B92F-4B95-A6D9-CB8A357F8C15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{11250DC4-ECEF-46BC-A470-694C4172FE81}" = protocol=6 | dir=out | app=system | "{136093A5-19F9-4BD3-86B7-B8DAB8872DFC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2708A594-2CDD-4700-838E-3E79D035146F}" = protocol=6 | dir=in | app=g:\diablo iii\diablo iii.exe | "{2C52293D-2500-47A0-B0F5-113CB76984D9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{33AFCE0D-32F1-40B4-B0AA-448FD268EE38}" = protocol=17 | dir=in | app=g:\diablo iii\diablo iii.exe | "{352ECD96-13CE-4EB5-A55A-9447103A11CF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{3E185F90-15AF-49EF-B0D0-06E62C7793D2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{43508365-C92B-41C8-83B7-D602E1F86585}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{44EFE1E1-FBA0-4EE8-B662-B01931624CFC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4992519D-749A-42E8-A3FB-8BD524E4E9A6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{51325466-7FFD-4977-BFF9-038193AA1BD1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5A9173B9-4250-4A76-9BBE-3D2A72B7E92F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5D64D803-0EB1-4BD0-B3C1-544DC88875EE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5F55BA63-8EF6-4407-B03E-02BBDE19CE94}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{61B4C0FE-C0B0-4422-8DAA-3BAFA6650272}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7A083AE5-039A-4755-927C-BBECCBA4CC9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{80A47C2A-39FD-48E8-9F37-C1F5285F2A45}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8280FD8A-072E-47B9-9548-D5C99BB07061}" = protocol=58 | dir=in | app=system | "{8BB25136-D7B6-4879-AC4E-26453C58A174}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8DE6EF4A-AC26-4D6E-BDF2-8FF3EF434CB5}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{99AE03EA-3238-4DF5-96E1-779FC28B29C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A1784AF8-F10C-44CE-9582-B647FE1FA91C}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{AB760B34-1522-4CD5-A572-F29AAA584556}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B1CD6E6B-8B9C-479B-BE3E-CFFD4506A6EA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{C2365CAE-B76E-4487-99B8-2A2B0B0D7F16}" = protocol=6 | dir=in | app=g:\n4s hp2\launcher.exe | "{E5632B41-F7AB-4AE0-BD4E-832D17129578}" = protocol=17 | dir=in | app=g:\n4s hp2\launcher.exe | "{E88ABF8A-724E-44E2-8065-CEBF4B671428}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E9F0ABD4-6B5E-480B-989B-B6CAEB92D273}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{F27E64E7-6585-4A20-819C-A56BC5911B72}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FA5F5D1D-0D23-41A0-BAE2-8B590E6AFDCF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FD20CE25-7EE0-4A31-9EF1-CA162C2450A0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{06F45B9F-1302-4609-8DFA-2F0B0D2F87FF}C:\users\ginus\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\ginus\downloads\utorrent.exe | "TCP Query User{130B05DD-63B7-4A68-A470-5FE5361B1E54}G:\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=g:\fifa 12\game\fifa.exe | "TCP Query User{1C8FD447-64F7-49B6-9206-37ADB6223183}G:\batman arkham city\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=g:\batman arkham city\binaries\win32\batmanac.exe | "TCP Query User{4115E03B-A166-4171-944C-27242F950F20}C:\users\ginus\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\ginus\downloads\utorrent.exe | "TCP Query User{495C8F26-4777-49A8-AC3C-B9FA970147E8}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{53C6C41B-3B64-4330-B0AA-F975F2982464}C:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader.exe | "TCP Query User{57025650-59BE-432D-9017-5410A97704F5}G:\portal 2\portal2.exe" = protocol=6 | dir=in | app=g:\portal 2\portal2.exe | "TCP Query User{5755ACD7-A5A9-4961-8D1F-69FA64B23D21}G:\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=g:\need for speed the run\need for speed the run.exe | "TCP Query User{58B45B94-450B-4A6F-9907-25273BA2D202}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "TCP Query User{5E4B8DCC-FA5C-4A31-95AD-238970785D30}C:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader(1).exe" = protocol=6 | dir=in | app=c:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader(1).exe | "TCP Query User{65FA57AE-73C6-4C0C-B36D-E9414B9372C4}G:\football manager 2012\fm.exe" = protocol=6 | dir=in | app=g:\football manager 2012\fm.exe | "TCP Query User{772C15A3-4D22-4E58-B8D1-C769BBD74114}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "TCP Query User{805A0B79-DDE0-4F9C-B43F-3BDB25EA417B}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{8C3B2899-C349-4D12-AE46-2BE83E99131D}G:\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=g:\the witcher 2\bin\witcher2.exe | "TCP Query User{94B0E7F7-536B-4444-B707-0DBA504A57C3}D:\gry\diablo ii\game.exe" = protocol=6 | dir=in | app=d:\gry\diablo ii\game.exe | "TCP Query User{A9C76055-D4CD-4B39-8B28-027064DDD4B4}G:\hunted the demons forge\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=g:\hunted the demons forge\binaries\win32\p4dftre.dll | "TCP Query User{B9DB22EC-CCE5-43F5-B4B4-DE43548E520D}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "TCP Query User{BB5DC569-FC52-4526-A602-A9CF30D4958A}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{C365D8FE-5119-4E2E-8D65-7067210D3B45}G:\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=g:\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe | "TCP Query User{C477E32B-6516-41D3-9A27-B7278F4B8A74}G:\n4s hp2\nfs11.exe" = protocol=6 | dir=in | app=g:\n4s hp2\nfs11.exe | "TCP Query User{C5240CAC-5ABF-4877-9BD2-97B5F5E915EB}C:\users\ginus\downloads\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=c:\users\ginus\downloads\diablo-iii-setup-engb.exe | "TCP Query User{D4D1014C-CFFC-4CE9-85AD-EF8B9A07C628}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{D893FDF3-257F-47D6-9734-77E776F5D481}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "TCP Query User{D8A06B64-1976-4B9C-AC44-F23B06141882}G:\london 2012 the official video game of the olympic games\london2012.exe" = protocol=6 | dir=in | app=g:\london 2012 the official video game of the olympic games\london2012.exe | "TCP Query User{D9A5C2BD-4D2C-4DA2-A14A-2BA636FDDEAB}G:\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=g:\diablo iii\diablo iii.exe | "TCP Query User{E102A05D-306B-48E3-94A9-120A459F9D71}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{FB600DE9-FC45-4896-88D6-055DE0DC9821}G:\alice madness returns the complete collection\game\alice1\bin\alice.exe" = protocol=6 | dir=in | app=g:\alice madness returns the complete collection\game\alice1\bin\alice.exe | "TCP Query User{FF40F691-D4F1-493D-A2C4-B417DFFC24FA}G:\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=g:\shift 2 unleashed\shift2u.exe | "UDP Query User{0EF249BD-882D-4171-82F0-03C15D21E1E8}G:\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=g:\alice madness returns the complete collection\game\alice2\binaries\win32\alicemadnessreturns.exe | "UDP Query User{2063D0C5-8D43-4A9B-BEA7-E96B5E5725F6}G:\hunted the demons forge\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=g:\hunted the demons forge\binaries\win32\p4dftre.dll | "UDP Query User{21B0F4D2-1445-4D4F-BD32-4950A7CB32A4}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{2A44F781-E953-4E2B-B9F9-8520FB0007D0}C:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader.exe | "UDP Query User{2D5E4163-59E9-448B-AA00-507B47B383E1}G:\football manager 2012\fm.exe" = protocol=17 | dir=in | app=g:\football manager 2012\fm.exe | "UDP Query User{3316C992-BDB3-47FA-AA2C-0F6C11821D11}G:\london 2012 the official video game of the olympic games\london2012.exe" = protocol=17 | dir=in | app=g:\london 2012 the official video game of the olympic games\london2012.exe | "UDP Query User{3F5975F5-6EA9-45C7-9E76-01C725D698B9}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "UDP Query User{4D9CD20B-7AB2-4E92-BFAB-5E80B53B747F}D:\gry\diablo ii\game.exe" = protocol=17 | dir=in | app=d:\gry\diablo ii\game.exe | "UDP Query User{57C8E9AC-5AF3-4EA9-BA39-11093B8E07DF}G:\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=g:\need for speed the run\need for speed the run.exe | "UDP Query User{5999F990-E963-428F-8465-33889F37F4FC}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "UDP Query User{5B58F8C4-91D2-4083-8289-EBDA2FD3EED2}G:\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=g:\shift 2 unleashed\shift2u.exe | "UDP Query User{7163A8E5-468A-4020-A4AA-71D43260302F}G:\n4s hp2\nfs11.exe" = protocol=17 | dir=in | app=g:\n4s hp2\nfs11.exe | "UDP Query User{817E31C9-4A48-456A-9D8B-2395E23908E3}C:\users\ginus\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\ginus\downloads\utorrent.exe | "UDP Query User{826B8689-F045-44C5-ACFD-791DA7403063}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{96F58258-8FA4-40A8-B40B-35F6AE3AA72A}G:\batman arkham city\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=g:\batman arkham city\binaries\win32\batmanac.exe | "UDP Query User{989065D5-8525-44F3-B71E-DF1EE5B7C51B}C:\users\ginus\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\ginus\downloads\utorrent.exe | "UDP Query User{9AAA8E35-729C-46CD-8B92-903A4B71C930}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{A3F2FE52-4050-450B-9132-B6CCD430C972}G:\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=g:\the witcher 2\bin\witcher2.exe | "UDP Query User{AFB34C64-4D51-4B0C-8170-4A43323FBF71}G:\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=g:\diablo iii\diablo iii.exe | "UDP Query User{B38885C3-3525-457B-B8DA-033694E78CD7}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "UDP Query User{C40259DB-12A7-40BC-9E6C-CA94E5E36F2E}G:\portal 2\portal2.exe" = protocol=17 | dir=in | app=g:\portal 2\portal2.exe | "UDP Query User{C5E5E468-DBBC-4F07-ACA2-56B605281070}G:\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=g:\fifa 12\game\fifa.exe | "UDP Query User{C9EA3495-86BE-431A-8064-47DEE01A8BEC}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{DC7910E8-93C0-4AF9-A7F0-60F5C93AEC87}C:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader(1).exe" = protocol=17 | dir=in | app=c:\users\ginus\downloads\diablo-iii-8370-engb-installer-downloader(1).exe | "UDP Query User{E63DC65C-2A1B-44FA-A978-6AB09CE57033}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{F274D4F0-632C-4289-B284-C740EAD84B8C}G:\alice madness returns the complete collection\game\alice1\bin\alice.exe" = protocol=17 | dir=in | app=g:\alice madness returns the complete collection\game\alice1\bin\alice.exe | "UDP Query User{F57186C5-7478-4CC5-9082-09E0CC9266F8}C:\users\ginus\downloads\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=c:\users\ginus\downloads\diablo-iii-setup-engb.exe | "UDP Query User{F79B69A0-91A0-4903-A3E5-9D4AFE7337FF}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{40D70C5F-A748-0848-0696-BD8901BB3C2B}" = AMD Drag and Drop Transcoding "{4BE9F0B8-FF3D-5CAA-9BF2-CB6F3DF75D3B}" = ccc-utility64 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{52FB2985-F3AD-DAA7-7645-4E38A5B96E17}" = AMD Catalyst Install Manager "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9A109BCE-6CC8-7AF4-EF13-E5EC6BACFFA5}" = ATI AVIVO64 Codecs "{ADE357A9-1514-A3CB-2053-EFAC5B6698C0}" = ATI Problem Report Wizard "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FA54C4B1-98E3-AEFA-7254-C4038DC739AF}" = AMD Media Foundation Decoders "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1 "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v2.7.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "WinRAR archiver" = WinRAR 4.00 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{1BF82343-8EE6-8B76-90CF-31059B9D1842}" = CCC Help English "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}" = Paragon Partition Manager 8.5 Professional "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{70C3CC75-9E14-D215-8FAD-5ABEAE3125D9}" = Catalyst Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{78A2075F-120C-4644-B9DF-2C57E0AFE76C}" = The Elder Scrolls V Skyrim "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{93A3AB24-36E8-41BA-80C6-CCEC237836DC}" = Alice Madness Returns "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE "{B531E735-8ED5-4270-ACCE-3809086FBD02}_is1" = Batman Arkham City version 1.0 "{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker "{E9A1960E-7756-2299-C700-DC7CA6EDD6E4}" = Catalyst Control Center InstallProxy "{E9D98510-A8B6-E39C-B8BA-BA9A511E040C}" = Catalyst Control Center Graphics Previews Common "{ED83D14F-8100-63D0-9329-77A92380EB92}" = HydraVision "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "7-Zip" = 7-Zip 9.20 "Betsafe Poker_is1" = Betsafe Poker "Betsson Poker_is1" = Betsson Poker "Diablo III" = Diablo III "Football Manager 2012_is1" = Football Manager 2012 "Kings Bounty Armored Princess_is1" = Kings Bounty Armored Princess "LastFM_is1" = Last.fm 1.5.4.27091 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 8.0 (x86 pl)" = Mozilla Firefox 8.0 (x86 pl) "Mozilla Thunderbird 13.0.1 (x86 pl)" = Mozilla Thunderbird 13.0.1 (x86 pl) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "PokerStars" = PokerStars "Postal 2_is1" = Portal 2 "Rainmeter" = Rainmeter "SopCast" = SopCast 3.4.8 "StreamTorrent 1.0" = StreamTorrent 1.0 "The KMPlayer" = The KMPlayer (remove only) "uTorrent" = µTorrent "Winamp" = Winamp "Xfire" = Xfire (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4055189391-1973898314-2478451747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GoToMeeting" = GoToMeeting 5.0.0.799 "Poker 770" = Poker 770 "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-06-28 20:07:38 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-28 21:07:38 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-28 21:42:37 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-28 22:07:38 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-28 23:07:39 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-28 23:42:37 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-29 00:07:39 | Computer Name = ginus-PC | Source = Software Protection Platform Service | ID = 8193 Description = License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error - 2012-06-29 10:01:02 | Computer Name = ginus-PC | Source = Winlogon | ID = 4103 Description = Windows license activation failed. Error 0x80070005. Error - 2012-06-29 10:01:35 | Computer Name = ginus-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-01 04:55:41 | Computer Name = ginus-PC | Source = Winlogon | ID = 4103 Description = Windows license activation failed. Error 0x80070005. Error - 2012-07-01 04:56:24 | Computer Name = ginus-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: %%31 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: %%31 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: %%31 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: %%1068 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: %%1068 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: %%31 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: %%1068 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: %%1068 Error - 2012-07-06 13:19:40 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: %%1068 Error - 2012-07-06 13:19:41 | Computer Name = ginus-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: AFD cdrom CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf < End of report >