OTL Extras logfile created on: 2012-10-30 13:27:49 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gadzio\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 47,82% Memory free 4,00 Gb Paging File | 2,61 Gb Available in Paging File | 65,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 19,53 Gb Total Space | 2,24 Gb Free Space | 11,46% Space Free | Partition Type: NTFS Drive D: | 133,84 Gb Total Space | 12,75 Gb Free Space | 9,53% Space Free | Partition Type: NTFS Drive L: | 3,77 Gb Total Space | 0,26 Gb Free Space | 6,92% Space Free | Partition Type: FAT32 Computer Name: GADZIO-KOMPUTER | User Name: Gadzio | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-4016191852-2622321514-1773976110-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- D:\programy\firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{24A6053D-584E-4E0B-BCCF-9190B621A671}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{29AFC9BA-8D89-4AA9-94BC-C6EE3F2EE091}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{2D88B585-D265-4C18-83AE-05727C4EAC17}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3491F19B-9C4E-4BAA-917A-BAD8949365D4}" = rport=139 | protocol=6 | dir=out | app=system | "{363542A1-F0AE-4487-80D4-600BED2146E8}" = rport=137 | protocol=17 | dir=out | app=system | "{3A69EC6E-34B0-47AA-B48A-8272A7E25482}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3B1C675A-4875-48A3-B023-56BD8195F85E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3E743D41-8ACC-4CFC-8C5F-9F49AABD5859}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{42772487-1809-4CF3-BB2F-FA8D1435C87B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4970720C-BADB-411A-9298-1D8F9523AC97}" = rport=445 | protocol=6 | dir=out | app=system | "{55A73805-B2B7-4DDA-833C-6B3F578EA243}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{5B319498-78B6-494D-A76D-4E6A19850769}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6D084AF3-FEA7-493F-9824-A50569BC5AAA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{97D86E4E-10AE-4969-B281-CB4C7C40691C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A35397A6-2E2F-4521-9986-FADDE21194FB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BEF3B095-4990-4D1F-89CA-E09D3BC13122}" = lport=137 | protocol=17 | dir=in | app=system | "{CFFF5F8E-B76C-460F-B095-8355FED2B112}" = rport=138 | protocol=17 | dir=out | app=system | "{E0356CA2-97DB-4EDF-9275-B69B40178932}" = lport=445 | protocol=6 | dir=in | app=system | "{E7CB6205-D721-4AAD-AE94-FBEE2066EB66}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EC8887B8-25E4-498C-95C5-5D5991CD76E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ED4951BD-F596-4270-9222-36070AEFA2B4}" = lport=138 | protocol=17 | dir=in | app=system | "{F104C04A-F698-403D-8A2A-C7C9BE86E289}" = lport=139 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08E9BB3B-C15F-46B9-936D-8C2F18A3CF36}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1234469B-D776-450A-B109-B14DA4F25CB9}" = protocol=6 | dir=in | app=d:\gra\ubisort\far cry 2\bin\fc2editor.exe | "{12DC5253-A65B-4D64-A492-C27EDD38B8D3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{136D77B0-B658-441A-9182-437ECC1CA70A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{14F5E36E-188C-49F9-A2E0-4069EACD0667}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{19751E88-3421-48D2-91C1-BD05FEFDEA1B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2EBF0D3F-31A7-4A11-B9B0-84D05BA78E16}" = protocol=17 | dir=in | app=d:\gra\assasin brotherhood\acbsp.exe | "{37D11D8F-224C-4DD5-8D7B-C03AB0F9B0EF}" = protocol=6 | dir=in | app=d:\gra\mafia2\steam.exe | "{3A7189ED-0249-40E2-B118-25BF2C4591D8}" = protocol=6 | dir=in | app=d:\gra\ubisort\far cry 2\bin\farcry2.exe | "{3F00C80C-D818-452F-8636-A8752CDF4D59}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{45D01FF8-3CF3-43F2-8DB4-40C293EC0695}" = protocol=17 | dir=in | app=d:\gra\ubisort\far cry 2\bin\farcry2.exe | "{46DA99DE-FF90-4AF3-B0F5-AF3576DFDDD2}" = protocol=6 | dir=in | app=d:\gra\assasin brotherhood\assassinscreedbrotherhood.exe | "{48C835BB-0FF4-4B6E-B1A1-0EAFC0792B69}" = protocol=17 | dir=in | app=d:\gra\assasin brotherhood\assassinscreedbrotherhood.exe | "{54DEB863-331A-41F4-868C-975CEE9966C7}" = protocol=17 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "{56DA915F-340F-4913-9172-5E2F399D76AA}" = protocol=17 | dir=in | app=d:\gra\assasin brotherhood\uplaybrowser.exe | "{6AAD4F82-9A81-4E3D-BDF8-B8639CB40052}" = protocol=17 | dir=in | app=d:\gra\gta4\rockstar games social club\rgsclauncher.exe | "{6BB272C1-30F7-4D08-82A5-FA054A42E94D}" = protocol=17 | dir=in | app=c:\users\gadzio\desktop\speedtouch330_for_vista\sthiwv\stinstall.exe | "{7734B67F-F700-4459-9280-43D7B5BD2E2B}" = protocol=17 | dir=in | app=d:\gra\ubisort\far cry 2\bin\fc2editor.exe | "{786E750A-DD94-4719-8F12-3245BE43F70F}" = protocol=17 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{7C4798B9-31F7-451C-BF4D-060F3AF6634A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{7D8FC801-59FC-4BCA-B9E5-2E42F4FC7106}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{7ED5C9AF-DC99-425A-8B29-BC7E0FFC87F8}" = protocol=6 | dir=in | app=d:\gra\gta4\rockstar games social club\rgsclauncher.exe | "{801057BC-7EAE-45A7-8B70-187F5C63B070}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{80F992F7-B6C2-43B6-9C54-7F7F9499C384}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8ADDBFB8-938E-4BD1-816F-EB9BD1654F27}" = protocol=6 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "{974F7FA2-E64B-4D7C-9B7A-82395351D53F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9E5B211B-5B09-42C1-9CF2-8239FA35632B}" = protocol=17 | dir=in | app=c:\program files (x86)\thomson\st330\service\st330service.exe | "{9F646547-9C3E-4503-BEDC-2E46A33DE6C5}" = protocol=6 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{A60901F1-0B48-4A1C-811A-056A1FAACE04}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A8863511-999F-4941-9AB5-5A023FDE3825}" = protocol=6 | dir=in | app=d:\gra\assasin brotherhood\uplaybrowser.exe | "{B08B154D-D9DC-42E0-BF8F-B08AD9752825}" = protocol=6 | dir=in | app=d:\gra\assasin revelations\acrmp.exe | "{B151C0F3-83AE-4856-81A9-74156E56FAAD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B4AF3EFC-45C4-4110-BDDE-D88162DF81B3}" = protocol=6 | dir=in | app=d:\gra\assasin brotherhood\acbmp.exe | "{B5C7C020-E9B3-4EC2-823B-4D29EF45A1B7}" = protocol=6 | dir=in | app=d:\gra\ubisort\far cry 2\bin\fc2launcher.exe | "{BD7E3DF8-51C6-4451-9F83-148254819C66}" = protocol=17 | dir=in | app=d:\gra\assasin brotherhood\acbmp.exe | "{BE84513F-6EE8-4026-9202-755CB6954E9E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{CB90F119-6609-4966-B8D1-4AA45CBA9FA7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CF715D17-8DBA-472A-9F8D-6940769E9DA4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{D52C15A9-4C89-46E8-B204-25656FF8D9A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DA7F6070-21D9-43A4-AB94-BAD48DDD950D}" = protocol=6 | dir=in | app=d:\gra\assasin brotherhood\acbsp.exe | "{DE26F07A-2312-4A44-92A4-FDDC2546BE59}" = protocol=17 | dir=in | app=d:\gra\ubisort\far cry 2\bin\fc2launcher.exe | "{E074EA7C-1E8C-4B3E-A793-0102BB639470}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EA8BFCD1-DB2B-427D-8FB0-887DC533C1A8}" = protocol=17 | dir=in | app=d:\gra\mafia2\steam.exe | "{F1CFAAB2-BA7C-4E64-ADBE-083E637F164E}" = protocol=6 | dir=in | app=c:\users\gadzio\desktop\speedtouch330_for_vista\sthiwv\stinstall.exe | "{F1DD54A9-658C-44F4-98BC-78AF531E48FD}" = protocol=17 | dir=in | app=d:\gra\assasin revelations\acrmp.exe | "{F3EF3088-E673-422E-94C5-337C50DE0333}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{FD1BA5E3-2C9C-40F5-AFA0-01C7371E45D1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FD36CF4E-C5BC-4647-BC98-AF1E3EC9346C}" = protocol=6 | dir=in | app=c:\program files (x86)\thomson\st330\service\st330service.exe | "TCP Query User{0B4E8A7F-8106-49A9-907B-F10C625E0F92}D:\gry gadzia\gadzio\metin2client.dll" = protocol=6 | dir=in | app=d:\gry gadzia\gadzio\metin2client.dll | "TCP Query User{2C6BD2EB-5EAC-490F-869D-63F1C4A9AF2A}D:\gra\cod mw3\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\gra\cod mw3\iw5mp_server.exe | "TCP Query User{39AA667A-21F3-43D1-82F3-E1C3EE9070F1}D:\gra\crysis2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gra\crysis2\bin32\crysis2.exe | "TCP Query User{3AF09C9C-5286-43BF-8B59-B8F6D4724A54}D:\gra\wiedzmin 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gra\wiedzmin 2\bin\witcher2.exe | "TCP Query User{57BA83BB-C0EB-43F7-8001-9689FBC6F202}D:\minecraft\bin\javaw.exe" = protocol=6 | dir=in | app=d:\minecraft\bin\javaw.exe | "TCP Query User{5DF0D016-51F0-4DAE-A8AE-3FE0D8101862}D:\elite\cs chyba działa\counter strike 1.6 v42\hl.exe" = protocol=6 | dir=in | app=d:\elite\cs chyba działa\counter strike 1.6 v42\hl.exe | "TCP Query User{85C9AC99-9083-4A19-BA16-EA1AAAE0F03E}D:\elite\cs chyba działa\tutaj\counter strike 1.6 v42\hl.exe" = protocol=6 | dir=in | app=d:\elite\cs chyba działa\tutaj\counter strike 1.6 v42\hl.exe | "TCP Query User{8839F0C8-C168-490A-B8E6-C187A9DD054D}D:\elite\elitemt2\metin2.bin" = protocol=6 | dir=in | app=d:\elite\elitemt2\metin2.bin | "TCP Query User{9D496D2C-0E03-48DA-B58A-73E507A356D5}C:\users\gadzio\appdata\roaming\xatu\izub.exe" = protocol=6 | dir=in | app=c:\users\gadzio\appdata\roaming\xatu\izub.exe | "TCP Query User{A63517AE-2261-434A-AB4B-943DEC334877}C:\users\gadzio\desktop\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\users\gadzio\desktop\gadu-gadu 10\gg.exe | "TCP Query User{A8A1BDF8-8DB2-4EE3-9E4C-CEA4F3DA9C6C}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "TCP Query User{AFC702B6-DC68-4566-BBCB-8203F5456E76}D:\cs\hl.exe" = protocol=6 | dir=in | app=d:\cs\hl.exe | "TCP Query User{BA65B9E4-58D8-4BD6-85EA-CDFAE550CC51}D:\elite\cs chyba działa\counter strike 1.6 v42\hlds.exe" = protocol=6 | dir=in | app=d:\elite\cs chyba działa\counter strike 1.6 v42\hlds.exe | "TCP Query User{BDE023B2-9CFA-48C4-A73B-C7D36657D563}C:\users\gadzio\desktop\worms 4 mayhem demo.exe" = protocol=6 | dir=in | app=c:\users\gadzio\desktop\worms 4 mayhem demo.exe | "TCP Query User{D860CDA9-31F2-49D8-B4A1-338323C72A5F}D:\elite\metin2\metin2\elite\elitemt2\metin2.bin" = protocol=6 | dir=in | app=d:\elite\metin2\metin2\elite\elitemt2\metin2.bin | "TCP Query User{E2E88CA5-DB2D-4BF6-A4EE-55FE8E28418E}D:\cs\cstrike.exe" = protocol=6 | dir=in | app=d:\cs\cstrike.exe | "TCP Query User{E759108B-500B-4111-B7C5-F6C01CC162D8}C:\users\gadzio\appdata\roaming\feaqi\efyna.exe" = protocol=6 | dir=in | app=c:\users\gadzio\appdata\roaming\feaqi\efyna.exe | "UDP Query User{0366F0AF-85F5-41F1-AA9A-996B01CE3886}D:\minecraft\bin\javaw.exe" = protocol=17 | dir=in | app=d:\minecraft\bin\javaw.exe | "UDP Query User{0FF93518-1E6A-4349-8979-05660AD675FF}D:\gra\cod mw3\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\gra\cod mw3\iw5mp_server.exe | "UDP Query User{4863C748-1D0B-4D27-85D7-156C7EA9D91B}D:\elite\metin2\metin2\elite\elitemt2\metin2.bin" = protocol=17 | dir=in | app=d:\elite\metin2\metin2\elite\elitemt2\metin2.bin | "UDP Query User{4B96F400-7B32-419B-8D11-6D7203A3D284}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "UDP Query User{5ECA8D3A-BF89-40E8-955E-D9BC9AC64954}D:\elite\cs chyba działa\counter strike 1.6 v42\hlds.exe" = protocol=17 | dir=in | app=d:\elite\cs chyba działa\counter strike 1.6 v42\hlds.exe | "UDP Query User{67300A68-2469-4EB5-943F-BE397A6793C6}D:\cs\cstrike.exe" = protocol=17 | dir=in | app=d:\cs\cstrike.exe | "UDP Query User{9D26CEB4-DFC0-4DB8-A7EB-1331FE962AFC}D:\cs\hl.exe" = protocol=17 | dir=in | app=d:\cs\hl.exe | "UDP Query User{A304E764-E9F0-47A5-8D7B-02BB05B2B307}D:\gry gadzia\gadzio\metin2client.dll" = protocol=17 | dir=in | app=d:\gry gadzia\gadzio\metin2client.dll | "UDP Query User{A7901529-EF7C-42D6-8388-D09CB5E3CAE8}D:\gra\wiedzmin 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gra\wiedzmin 2\bin\witcher2.exe | "UDP Query User{AA881638-25EA-4C87-901A-8D3844526A1F}D:\elite\elitemt2\metin2.bin" = protocol=17 | dir=in | app=d:\elite\elitemt2\metin2.bin | "UDP Query User{C565C737-F9B9-4910-A952-ED9FF3E92D80}D:\elite\cs chyba działa\tutaj\counter strike 1.6 v42\hl.exe" = protocol=17 | dir=in | app=d:\elite\cs chyba działa\tutaj\counter strike 1.6 v42\hl.exe | "UDP Query User{CA525046-1F74-4675-A529-FD6306D1C40C}D:\gra\crysis2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gra\crysis2\bin32\crysis2.exe | "UDP Query User{D8F5D85D-BF89-4869-AAD8-15127AC54949}D:\elite\cs chyba działa\counter strike 1.6 v42\hl.exe" = protocol=17 | dir=in | app=d:\elite\cs chyba działa\counter strike 1.6 v42\hl.exe | "UDP Query User{E622302A-DF51-4F69-8BBA-B470C6139C59}C:\users\gadzio\appdata\roaming\xatu\izub.exe" = protocol=17 | dir=in | app=c:\users\gadzio\appdata\roaming\xatu\izub.exe | "UDP Query User{EB25F7F8-5FEA-4FB6-971E-436CF1664FAA}C:\users\gadzio\desktop\worms 4 mayhem demo.exe" = protocol=17 | dir=in | app=c:\users\gadzio\desktop\worms 4 mayhem demo.exe | "UDP Query User{EDBC66EC-9126-4A04-8BF1-F341DC4773F9}C:\users\gadzio\desktop\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\users\gadzio\desktop\gadu-gadu 10\gg.exe | "UDP Query User{F841C494-8270-4DF5-B18C-520D851BE79E}C:\users\gadzio\appdata\roaming\feaqi\efyna.exe" = protocol=17 | dir=in | app=c:\users\gadzio\appdata\roaming\feaqi\efyna.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager "{197985EE-73F2-B182-6AEB-21926621ED5D}" = ATI AVIVO64 Codecs "{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit) "{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.3.5818 (64-bit) "{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel "{7A536085-9D02-A10F-10A8-2B26393645C3}" = AMD Drag and Drop Transcoding "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "NVIDIA Drivers" = NVIDIA Drivers "SpeedTouch 330" = SpeedTouch 330 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1DA193D3-BEC6-4FEF-89E3-D8F739216BFB}_is1" = Ashampoo Anti-Malware v.1.21 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English "{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software "{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1" = Minecraft Auto wersja 1.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB21B808-F784-4883-A4D4-B1473384C1C6}" = LibreOffice 3.5 "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy "{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F6130A03-30EE-D4AD-63C8-E90F422C76C5}" = HydraVision "{F865B0B5-0D43-2704-0B22-35C5F721374B}" = AMD VISION Engine Control Center "{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AIMP2" = AIMP2 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "BurnAware Free_is1" = BurnAware Free 4.5 "CCleaner" = CCleaner "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Cool Record Edit Pro" = Cool Record Edit Pro "Counter Strike 1.6 v42" = RUSH.LV Counter Strike 1.6 v42 "DAEMON Tools Lite" = DAEMON Tools Lite "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FL Studio 9" = FL Studio 9 "Free Hide Folder" = Free Hide Folder "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Hardcore" = Hardcore "IL Download Manager" = IL Download Manager "Mixed In Key" = Mixed In Key 2.5 "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Native Instruments Traktor" = Native Instruments Traktor "PoiZone" = PoiZone "PunkBusterSvc" = PunkBuster Services "reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0 "Sawer" = Sawer "Toxic Biohazard" = Toxic Biohazard "uTorrent" = µTorrent "Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions "WinRAR archiver" = WinRAR 4.10 (32-bit) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4016191852-2622321514-1773976110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-10-13 15:40:21 | Computer Name = Gadzio-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: hl.exe, wersja: 1.1.1.1, sygnatura czasowa: 0x48feaf5a Nazwa modułu powodującego błąd: steamclient.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x4ab4e25d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00007fe5 Identyfikator procesu powodującego błąd: 0xcf0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cda977a656000e Ścieżka aplikacji powodującej błąd: D:\elite\cs chyba działa\Counter Strike 1.6 v42\hl.exe Ścieżka modułu powodującego błąd: d:\elite\cs chyba działa\counter strike 1.6 v42\steamclient.dll Identyfikator raportu: d270a351-156d-11e2-9b0f-8f3ca1ab217d Error - 2012-10-13 15:46:45 | Computer Name = Gadzio-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: hl.exe, wersja: 1.1.1.1, sygnatura czasowa: 0x48feaf5a Nazwa modułu powodującego błąd: steamclient.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x4ab4e25d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x72d88f25 Identyfikator procesu powodującego błąd: 0xd60 Godzina uruchomienia aplikacji powodującej błąd: 0x01cda97b4bb945c3 Ścieżka aplikacji powodującej błąd: D:\elite\cs chyba działa\Counter Strike 1.6 v42\hl.exe Ścieżka modułu powodującego błąd: steamclient.dll Identyfikator raportu: b790d2e6-156e-11e2-9b0f-8f3ca1ab217d Error - 2012-10-13 16:11:39 | Computer Name = Gadzio-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: hl.exe, wersja: 1.1.1.1, sygnatura czasowa: 0x48feaf5a Nazwa modułu powodującego błąd: steamclient.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x4ab4e25d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x74008f25 Identyfikator procesu powodującego błąd: 0x960 Godzina uruchomienia aplikacji powodującej błąd: 0x01cda97b8d438871 Ścieżka aplikacji powodującej błąd: D:\elite\cs chyba działa\Counter Strike 1.6 v42\hl.exe Ścieżka modułu powodującego błąd: steamclient.dll Identyfikator raportu: 31f9f907-1572-11e2-9b0f-8f3ca1ab217d Error - 2012-10-14 08:23:05 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:23:10 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:23:59 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:24:08 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:24:46 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:25:05 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = Error - 2012-10-14 08:25:44 | Computer Name = Gadzio-Komputer | Source = RasClient | ID = 20227 Description = [ System Events ] Error - 2012-07-02 07:52:35 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-07-02 14:08:20 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-07-05 10:13:45 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-07-05 12:34:45 | Computer Name = Gadzio-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 18:11:29 na ?2012-?07-?05 było nieoczekiwane. Error - 2012-07-05 16:03:27 | Computer Name = Gadzio-Komputer | Source = DCOM | ID = 10005 Description = Error - 2012-07-05 16:03:27 | Computer Name = Gadzio-Komputer | Source = Service Control Manager | ID = 7038 Description = Usługa upnphost nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error - 2012-07-05 16:03:27 | Computer Name = Gadzio-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Host urządzenia UPnP z powodu następującego błędu: %%1069 Error - 2012-07-06 05:29:23 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-07-07 10:56:18 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-07-10 10:41:42 | Computer Name = Gadzio-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. < End of report >