OTL Extras logfile created on: 2013-01-18 19:53:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,86 Gb Total Physical Memory | 5,20 Gb Available Physical Memory | 66,19% Memory free 15,71 Gb Paging File | 12,90 Gb Available in Paging File | 82,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 290,14 Gb Total Space | 153,59 Gb Free Space | 52,94% Space Free | Partition Type: NTFS Drive D: | 702,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 3,67 Gb Total Space | 3,50 Gb Free Space | 95,27% Space Free | Partition Type: FAT32 Drive F: | 9,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 100,00 Mb Total Space | 70,36 Mb Free Space | 70,36% Space Free | Partition Type: NTFS Computer Name: LOSIU-PC | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2798050872-3622509634-2258018231-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0067788D-5EC6-4DBF-9F3E-2CDC11945E2C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{09475EBA-0653-4514-9F1E-BE3FE932E058}" = lport=10243 | protocol=6 | dir=in | app=system | "{16823667-090D-4D72-BA11-14A255EE2C5F}" = lport=445 | protocol=6 | dir=in | app=system | "{182A9B5B-7706-4C51-BB2F-3D89E2B99656}" = rport=445 | protocol=6 | dir=out | app=system | "{1D3B019A-554E-4C45-9F0A-1C48EE593E38}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{1EFBB303-D3A9-421A-BFD8-569FF196CC7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{29C6EF71-8273-44BA-B348-1B955082D68D}" = lport=139 | protocol=6 | dir=in | app=system | "{2C9DF958-5C0C-4AA6-807A-7DEE28B2AB7D}" = rport=10243 | protocol=6 | dir=out | app=system | "{38B32696-DC67-4662-B759-CC78457076EC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4B552ACE-1A0B-43B4-9572-91750A7AFDDF}" = lport=138 | protocol=17 | dir=in | app=system | "{4C189612-8662-41B8-AB65-442CF3898874}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{509C2DA8-05E3-4C5A-AA5F-F0D0A70F4F99}" = rport=138 | protocol=17 | dir=out | app=system | "{51F6FCA4-5CE9-4C20-BF74-3D64698FD04D}" = rport=139 | protocol=6 | dir=out | app=system | "{5BDDA78F-BF0D-48D0-BCE0-3E50E3F3D095}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{60F1AA32-88F2-4973-9C0F-2A738A35EB56}" = lport=137 | protocol=17 | dir=in | app=system | "{6F3A1227-05D6-4FA3-BA42-CC6C26F8DC09}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{701CE12A-1FDF-41D0-9FB9-6467E5844691}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{91FB87AB-AA30-4663-9072-7DC2B41B6648}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9AD413BB-CC24-44C9-B764-D08D8F0534FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F19F1E90-1D58-4DD5-BA27-809D66CDDAB9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F5A355B9-BDE9-44AA-9094-87B7B342426B}" = rport=137 | protocol=17 | dir=out | app=system | "{F6AC4ACA-B91A-480E-A123-AAD7CB98AA29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F8AF7199-0FF8-4703-A02C-A5EC53A3B0FA}" = lport=2869 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C34713B-95C0-4B20-9BC3-E67B3D9344CC}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{0CE411BA-D4A4-4988-97E4-0855C95E3904}" = protocol=6 | dir=out | app=system | "{0E3172F8-EB86-4F2D-BD8A-DE4378DAA906}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "{0F0FE225-7B1A-4A06-B717-3CCF9E7B9A2C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{10031D2B-40A8-437D-BE85-9EE8FE6E9DDA}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "{1268D7FA-374F-47B9-B7A3-8C5D665829D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1EA993B1-152F-42E8-A141-31706A4D4908}" = protocol=17 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\fv32.exe | "{26BAA3D7-A2B0-4B6A-B190-94740F1ED3CE}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "{2EA4314B-D7F9-435D-86C6-DD80C038BDA6}" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\winvnc4.exe | "{36D04843-45D7-4998-954D-EAB4C1621DF0}" = dir=in | app=c:\program files\tightvnc\tvnserver.exe | "{3734DC8C-CE3F-4D07-8CC3-82E1BC6B79F7}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe | "{44011C9F-1806-46D6-82B0-1874846E85E2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{453D2F2C-A67A-4DBB-8ED1-600A19FB88B8}" = dir=in | app=c:\users\mateusz\appdata\local\microsoft\skydrive\skydrive.exe | "{4A063A01-145E-4BB6-9ECE-D1B5E61156F9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{4D5A1B31-0D25-4A2E-99BF-55EAEED7C46B}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "{4F4CA77E-2B03-49DE-80EC-A01F88317058}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{51F2FEB3-801C-4398-9A9D-04C7A855AFD3}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{541CC5E9-27C7-4630-B9FF-374C04CC97DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{648B6FDB-52F8-40E3-B852-2AB492AE2914}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{68A3C7D1-D522-4902-B1D6-FC20A2977187}" = protocol=17 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\ninjali.exe | "{6B11BDA8-B547-4C8A-B0C4-D258DDF3196B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6EC097B3-98C7-4CD6-89AC-B30CFD960572}" = protocol=6 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\xproxy.exe | "{737BFD9E-1DBF-4273-82EE-B60CF855FA02}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8C10B7CF-8D8C-4C33-AE92-802E05CA3D43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8F56676F-693E-4890-8A88-AC77486132DA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{96472949-6372-4C80-B57E-CF3BB44A7E09}" = protocol=6 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\ninjali.exe | "{9820469D-DA5A-4D2B-93AD-5BED096EC013}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9BF4C862-CC60-4A8D-AC8A-D1EF23331311}" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\winvnc4.exe | "{9E128B6B-779A-4045-A795-A1FE6407D3B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A0A1AA76-664E-4C90-9E39-9122106B40A0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{AB653C38-B39E-49DE-B618-332609CD0B78}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AC929F12-4AAE-4C57-AB8C-F00764AA25EB}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "{B40CA91C-74F4-42DF-9122-3079A63F4D65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B75F1727-96F5-4A87-B91A-B6732687E973}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "{BC6746C1-4CCE-419F-B68E-5FAB127DFAF8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C39D12C4-7FFE-4419-ABB2-7743AED3CCAF}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "{CB88CA01-B375-424A-B74C-7F12CA244C2C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D11467B2-FF4B-4A4F-8AD7-1FD88F7C5EA1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D3674018-81E2-4C2F-B5E4-3CFE689685AA}" = protocol=17 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\xproxy.exe | "{D8A4B1BF-3EC8-4DCC-A481-F9783E974F7C}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "{D9EEA6F3-DE2B-4DA0-9C02-4E78B1FC8D73}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{DF3E4E0C-FDD1-44EC-9B5A-319A107C4193}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E16A74FA-55BA-4DC3-A190-3900DA23B1DC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E40D81C1-29D9-4A54-9C22-7555BD5A98B1}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\winvnc4.exe | "{E65F522D-5C28-4AB2-9D94-F1786ED69798}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{ECDBEE7F-53C9-4949-B960-1586950DC0C0}" = protocol=6 | dir=in | app=c:\program files (x86)\ninjalite\ninjalite\fv32.exe | "{EE6EAE3C-9206-49E0-B37B-1D3E177DBA4B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FBF38ACC-3DF5-4C6B-A601-2B35B3D07FF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{07E47FFC-492D-4FCC-AA37-1904B8EB6358}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "TCP Query User{15D9132B-5559-446A-A5B0-FAD6B41BCE60}C:\users\mateusz\downloads\winvnc4.exe" = protocol=6 | dir=in | app=c:\users\mateusz\downloads\winvnc4.exe | "TCP Query User{1FA89ADB-8086-43C5-B050-EA093143EF3C}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{386AED0A-30FF-4B99-AFC0-5FB2FAE855A7}C:\program files (x86)\kadu\kadu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kadu\kadu.exe | "TCP Query User{3D7D3083-521B-4B93-82F5-D24D3D0228FD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{428C3BFC-4F82-4524-94D5-25FF7044F5A9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{4DF7F288-5359-4C86-A2DC-614F8C7FB217}C:\program files (x86)\kadu\kadu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kadu\kadu.exe | "TCP Query User{4FC5E777-FA7F-46CD-9A6E-19F047708E91}C:\program files (x86)\nx client for windows\bin\nxssh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | "TCP Query User{9C71E153-4880-4F83-8013-F68496C039F5}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{BFCBA9FF-29BB-4434-B4AD-7BE61A79D47E}C:\program files (x86)\plfon\qtwengophone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\plfon\qtwengophone.exe | "TCP Query User{C9CA5A04-9F4A-41ED-9EA4-D260A70861BF}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "TCP Query User{CB04DEE8-750F-4719-B6A0-9E182D6F4560}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{DCD38887-AABF-4B5E-A4FC-A5CF2C59D6EE}C:\program files (x86)\nx client for windows\nxclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "UDP Query User{0F9924F0-7D71-4005-84AD-F8F1F45AD733}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{1961F685-5BDC-41C2-A409-88BD909D6E23}C:\program files (x86)\kadu\kadu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kadu\kadu.exe | "UDP Query User{1AB1C5B9-E16F-4660-A2E7-BA00466C3BEA}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "UDP Query User{56AE6623-5E9D-4670-BC3E-01B338BAED6A}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "UDP Query User{8791FB24-0592-44CD-9C52-FFA6BBD19CA6}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{9662A073-3700-46E0-B57D-F7242B216E65}C:\program files (x86)\nx client for windows\nxclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\nxclient.exe | "UDP Query User{A5A6F024-1CDD-49DE-838F-86B8AC8CBBE9}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{ABE05155-BA6A-4837-A6DB-BF25DDD4E521}C:\program files (x86)\plfon\qtwengophone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\plfon\qtwengophone.exe | "UDP Query User{B87E3B91-2806-4045-92EA-7F855190A3E2}C:\program files (x86)\kadu\kadu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kadu\kadu.exe | "UDP Query User{BB304E08-95B4-4EE8-BE06-4C69B82140F0}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{DA9B0A96-17A7-4172-956C-AA4696A648DD}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{E496840C-2B20-4BB3-96CB-CB3430226CFE}C:\users\mateusz\downloads\winvnc4.exe" = protocol=17 | dir=in | app=c:\users\mateusz\downloads\winvnc4.exe | "UDP Query User{EDBC9A60-6470-4DED-90E2-1029959162BD}C:\program files (x86)\nx client for windows\bin\nxssh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nx client for windows\bin\nxssh.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit) "{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6 "{AFC1B340-0711-4E7B-8B58-276A2B865DA7}" = TightVNC "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter "CCleaner" = CCleaner "cFosSpeed" = cFosSpeed v4.50 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "RealVNC_is1" = VNC Enterprise Edition E4.6.3 "VNCMirror_is1" = VNC Mirror Driver 1.8.0 "VNCPrinter_is1" = VNC Printer Driver 1.7.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{{4E8FFAB1-88FA-4A8C-B611-08C2C9DD69F3}_is1" = NinjaLite 5.3.4 "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{1026DF85-1C0F-4839-888E-EB9D5B73CF46}" = Windows Live Writer "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86) "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{37FDD121-C443-4FD3-A213-2449B397C068}" = Windows Live Messenger "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update "{44D52419-7CE1-4A4C-A6D5-8AEFDE88D47F}" = LG United Mobile Drivers "{4802F8E5-3321-11D6-8494-008048C6ADC0}" = Device Programmer Desktop "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver "{4E55905B-849D-4633-9267-3EC77E24221A}" = Poczta usługi Windows Live "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71972D00-4596-11E2-B6EA-B8AC6F97B88E}" = Google Earth Plug-in "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}" = Windows Live Family Safety "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F311E72-C27F-4DF0-8254-B739A1831668}_is1" = SUPER © v2012.build.53 (Sep 13, 2012) wersja v2012.build.53 "{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}" = Browse2save "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E800ADC4-F459-42F5-89A2-E754634B010A}" = Windows Live Writer Resources "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80 "avast" = avast! Free Antivirus "DAEMON Tools Lite" = DAEMON Tools Lite "FeedReader_is1" = FeedReader "FileZilla Client" = FileZilla Client 3.5.3 "Free Download Manager_is1" = Free Download Manager 3.9 "HD Tune_is1" = HD Tune 2.55 "IrfanView" = IrfanView (remove only) "Kadu" = Kadu 0.12.2 "Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0 "Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl) "Mozilla Thunderbird 16.0.2 (x86 pl)" = Mozilla Thunderbird 16.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "nxclient_is1" = NX Client for Windows 3.5.0-9 "Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "PDF Editor 3" = PDF Editor 3 "plfon" = plfon 2.1 "Revo Uninstaller" = Revo Uninstaller 1.94 "Snikers" = Snikers4 "SP_c22b9000" = Search Assistant JustBrowse 1.66 "SP_f2a323db" = BrowseToSave 1.66 "SpeedFan" = SpeedFan (remove only) "TeamViewer 8" = TeamViewer 8 "Teleport Pro" = Teleport Pro "UnLock Root" = UnLock Root 2.31 "VLC media player" = VLC media player 2.0.3 "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live "WinOLS 1.x" = WinOLS 1.x [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2798050872-3622509634-2258018231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 5.14 "SkyDriveSetup.exe" = Microsoft SkyDrive "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not listening on IPv4: unable to create listening socket: Tylko jedno użycie każdego adresu gniazda (protokół/adres sieciowy/port) jest normalnie dozwolone. (10048) Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not accepting connections: failed to listen on at least one transport. Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not listening on IPv4: unable to create listening socket: Tylko jedno użycie każdego adresu gniazda (protokół/adres sieciowy/port) jest normalnie dozwolone. (10048) Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not accepting connections: failed to listen on at least one transport. Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not listening on IPv4: unable to create listening socket: Tylko jedno użycie każdego adresu gniazda (protokół/adres sieciowy/port) jest normalnie dozwolone. (10048) Error - 2013-01-18 14:17:58 | Computer Name = losiu-PC | Source = WinVNC4 | ID = 1 Description = TcpListenerManager: not accepting connections: failed to listen on at least one transport. Error - 2013-01-18 14:19:01 | Computer Name = losiu-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-01-18 14:29:11 | Computer Name = losiu-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: qtwengophone.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x48454020 Nazwa modułu powodującego błąd: MSVCR71.dll, wersja: 7.10.3052.4, sygnatura czasowa: 0x3e561eac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000fedc Identyfikator procesu powodującego błąd: 0xfac Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5a9a3d308b3 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\plfon\qtwengophone.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\plfon\MSVCR71.dll Identyfikator raportu: f3871331-619c-11e2-bc54-dc0ea1210eed Error - 2013-01-18 14:29:45 | Computer Name = losiu-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: qtwengophone.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x48454020 Nazwa modułu powodującego błąd: MSVCR71.dll, wersja: 7.10.3052.4, sygnatura czasowa: 0x3e561eac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000fedc Identyfikator procesu powodującego błąd: 0xe18 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5a9c02c6066 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\plfon\qtwengophone.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\plfon\MSVCR71.dll Identyfikator raportu: 08004f9f-619d-11e2-bc54-dc0ea1210eed Error - 2013-01-18 14:30:21 | Computer Name = losiu-PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: qtwengophone.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x48454020 Nazwa modułu powodującego błąd: MSVCR71.dll, wersja: 7.10.3052.4, sygnatura czasowa: 0x3e561eac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000fedc Identyfikator procesu powodującego błąd: 0x2b0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5a9d5e3edde Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\plfon\qtwengophone.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\plfon\MSVCR71.dll Identyfikator raportu: 1d8bea72-619d-11e2-bc54-dc0ea1210eed [ System Events ] Error - 2013-01-15 16:55:03 | Computer Name = losiu-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi simdrv z powodu następującego błędu: %%1275 Error - 2013-01-17 10:37:08 | Computer Name = losiu-PC | Source = DCOM | ID = 10001 Description = Error - 2013-01-17 17:11:22 | Computer Name = losiu-PC | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \SystemRoot\SysWow64\drivers\eprdrv.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2013-01-17 17:11:22 | Computer Name = losiu-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eprdrv z powodu następującego błędu: %%1275 Error - 2013-01-17 17:11:35 | Computer Name = losiu-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi simdrv z powodu następującego błędu: %%1275 Error - 2013-01-17 17:11:35 | Computer Name = losiu-PC | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \SystemRoot\SysWow64\drivers\simdrv.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2013-01-18 14:17:45 | Computer Name = losiu-PC | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \SystemRoot\SysWow64\drivers\eprdrv.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2013-01-18 14:17:45 | Computer Name = losiu-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi eprdrv z powodu następującego błędu: %%1275 Error - 2013-01-18 14:17:45 | Computer Name = losiu-PC | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \SystemRoot\SysWow64\drivers\simdrv.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2013-01-18 14:17:45 | Computer Name = losiu-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi simdrv z powodu następującego błędu: %%1275 < End of report >