OTL Extras logfile created on: 2013-04-19 00:10:49 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,96 Gb Total Physical Memory | 8,94 Gb Available Physical Memory | 56,04% Memory free 31,91 Gb Paging File | 24,71 Gb Available in Paging File | 77,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,14 Gb Total Space | 42,44 Gb Free Space | 35,62% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 50,42 Gb Free Space | 10,83% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 501,01 Gb Free Space | 53,78% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 62,78 Gb Free Space | 6,74% Space Free | Partition Type: NTFS Drive G: | 465,76 Gb Total Space | 19,34 Gb Free Space | 4,15% Space Free | Partition Type: NTFS Drive I: | 29,82 Gb Total Space | 25,96 Gb Free Space | 87,06% Space Free | Partition Type: NTFS Computer Name: BIENIU-PC | User Name: bieniu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{64E5D62F-9B70-46CF-8A94-D27261B38B60}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{C2907F35-C599-4932-B7E2-BE53F23D64FC}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "TCP Query User{CEB0EFCB-0D29-44EF-9A9B-316770CCB854}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{D58BD6B9-859D-4294-9DF9-C858C9A056FB}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "TCP Query User{D9E72B98-4A8B-434C-AE60-05A11D3C5DC9}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "UDP Query User{4F9E9B9F-B913-4612-A5A6-1E74B44111FF}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{7A0595C3-15FA-419F-A6FB-F1AC77BDFFDC}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "UDP Query User{8E633147-57E4-49F8-90E8-B184E24E000C}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager "{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010 "{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}" = Trapcode Suite 64-bit "{A96702F7-EFC8-3EED-BE46-22C809D4EBE5}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2B47795-9ABC-37C1-0633-68B1B7104543}" = AMD Drag and Drop Transcoding "{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64 "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{E76A136D-3A4F-40AA-BBDA-D682FCC8C90D}" = Intel(R) Network Connections 17.0.200.2 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "EPSON Printer and Utilities" = EPSON Printer Software "Logitech Unifying" = Logitech Unifying Software 2.00 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "proDAD-Vitascene-2.0" = proDAD Vitascene 2.0 (64bit) "PROSetDX" = Intel(R) Network Connections 17.0.200.2 "sp6" = Logitech SetPoint 6.32 "WinRAR archiver" = WinRAR 4.11 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{022BC727-ACB7-4C1D-109C-177515714A32}" = Catalyst Control Center "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05A6B1CD-AA10-46A0-8D5C-6AD2A9EEFC8B}" = Nero Burning ROM 11 "{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish "{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{28C515CC-489B-4c02-898E-FE5B790E52FF}" = EDIUS Codec Option 6.07 "{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean "{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{5A1FCDE3-7B05-4821-AD83-B58117E6D0DF}" = EDIUS Hardware Drivers "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian "{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{772E9146-D676-4869-A298-047FF2A2B92D}" = Canopus Codec Option "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish "{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B91A1230-C199-421e-8F63-7235731D925E}" = EDIUS 6.07 "{BA722179-62EA-4090-923D-D324CE1A691D}}_is1" = Helium Music Manager 8.6.1 "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy "{D7D38949-8251-4F07-BC2C-AA767308010B}" = TMPGEnc Authoring Works 4 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish "{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All "{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common "{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection "{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple "{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AudioCS" = Creative Audio Control Panel "CD Art Display_is1" = CD Art Display 2.0.1 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.WidgetBrowser" = Adobe Widget Browser "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition "EPSON Scanner" = EPSON Scan "F1 2012_is1" = F1 2012 - Update 1 "GoldWave v5.68" = GoldWave v5.68 "InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}" = Trapcode Suite 64-bit "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Mozilla Firefox 20.0 (x86 en-US)" = Mozilla Firefox 20.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Picasa 3" = Picasa 3 "proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5 "proDAD-Vitascene-2.0" = proDAD Vitascene 2.0 "SubtitleEdit_is1" = Subtitle Edit 3.2.8 "Tlen.pl" = Tlen.pl "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4198842609-2097028919-3928339283-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Detector Plug-in [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-15 03:12:47 | Computer Name = bieniu-PC | Source = Application Error | ID = 1005 Description = Windows cannot access the file C:\Windows\System32\FirewallAPI.dll for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Host Process for Windows Services because of this error. Program: Host Process for Windows Services File: C:\Windows\System32\FirewallAPI.dll The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3 Error - 2013-01-15 03:12:47 | Computer Name = bieniu-PC | Source = Application Error | ID = 1005 Description = Windows cannot access the file C:\Windows\System32\ExplorerFrame.dll for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Windows Explorer because of this error. Program: Windows Explorer File: C:\Windows\System32\ExplorerFrame.dll The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3 Error - 2013-01-15 05:07:36 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: AfterFX.exe, version: 11.0.0.378, time stamp: 0x4f6d63ab Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting process id: 0x780 Faulting application start time: 0x01cdf2ffafc4349a Faulting application path: C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 00773c44-5ef3-11e2-9f18-c86000bd4c76 Error - 2013-01-17 04:04:03 | Computer Name = bieniu-PC | Source = Application Hang | ID = 1002 Description = The program EDIUS.exe version 6.0.7.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: ce4 Start Time: 01cdf48645496277 Termination Time: 37 Application Path: C:\Program Files (x86)\Grass Valley\EDIUS 6\EDIUS.exe Report Id: 73884d67-607c-11e2-967e-c86000bd4c76 Error - 2013-01-18 14:13:10 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc015000f Fault offset: 0x00084621 Faulting process id: 0x1d8 Faulting application start time: 0x01cdf5a2a5a355fe Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: b6b312b3-619a-11e2-b68d-c86000bd4c76 Error - 2013-01-18 14:13:11 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc0150010 Fault offset: 0x000847db Faulting process id: 0x1d8 Faulting application start time: 0x01cdf5a2a5a355fe Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: b79f95a8-619a-11e2-b68d-c86000bd4c76 Error - 2013-01-18 14:41:54 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc015000f Fault offset: 0x00084621 Faulting process id: 0x14e0 Faulting application start time: 0x01cdf5a77bf497b7 Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: ba63caaf-619e-11e2-b68d-c86000bd4c76 Error - 2013-01-18 14:41:57 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc0150010 Fault offset: 0x000847db Faulting process id: 0x14e0 Faulting application start time: 0x01cdf5a77bf497b7 Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: bc7b604d-619e-11e2-b68d-c86000bd4c76 Error - 2013-01-18 15:25:40 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc015000f Fault offset: 0x00084621 Faulting process id: 0x14dc Faulting application start time: 0x01cdf5ad0e63fc4e Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: d780c755-61a4-11e2-b68d-c86000bd4c76 Error - 2013-01-18 15:25:41 | Computer Name = bieniu-PC | Source = Application Error | ID = 1000 Description = Faulting application name: nero.exe, version: 11.2.4.100, time stamp: 0x4f3a7b62 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f Exception code: 0xc0150010 Fault offset: 0x000847db Faulting process id: 0x14dc Faulting application start time: 0x01cdf5ad0e63fc4e Faulting application path: C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: d84fdf0c-61a4-11e2-b68d-c86000bd4c76 [ System Events ] Error - 2013-04-08 11:03:21 | Computer Name = bieniu-PC | Source = Service Control Manager | ID = 7000 Description = The Avira Real-Time Protection service failed to start due to the following error: %%2 Error - 2013-04-10 04:44:49 | Computer Name = bieniu-PC | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort1. Error - 2013-04-12 02:31:31 | Computer Name = bieniu-PC | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort1. Error - 2013-04-13 08:49:49 | Computer Name = bieniu-PC | Source = volsnap | ID = 393252 Description = The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error - 2013-04-16 07:12:46 | Computer Name = bieniu-PC | Source = Microsoft Antimalware | ID = 1119 Description = %%860 has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.P&threatid=2147651154 Name: Trojan:Win32/Sirefef.P ID: 2147651154 Severity: Severe Category: Trojan Path: file:_C:\Users\bieniu\AppData\Local\Temp\IXP001.TMP\AUTORU~1.EXE Detection Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM Process Name: C:\Users\bieniu\AppData\Local\Temp\IXP000.TMP\Autorun.exe Action: %%809 Action Status: No additional actions required Error Code: 0x80070490 Error description: Element not found. Signature Version: AV: 1.147.1843.0, AS: 1.147.1843.0, NIS: 18.160.0.0 Engine Version: AM: 1.1.9302.0, NIS: 2.1.8904.0 Error - 2013-04-16 07:17:54 | Computer Name = bieniu-PC | Source = Microsoft Antimalware | ID = 1119 Description = %%860 has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.P&threatid=2147651154 Name: Trojan:Win32/Sirefef.P ID: 2147651154 Severity: Severe Category: Trojan Path: file:_C:\Users\bieniu\AppData\Local\Temp\IXP001.TMP\AUTORU~1.EXE Detection Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM Process Name: C:\Users\bieniu\AppData\Local\Temp\IXP000.TMP\Autorun.exe Action: %%809 Action Status: No additional actions required Error Code: 0x80070490 Error description: Element not found. Signature Version: AV: 1.147.1843.0, AS: 1.147.1843.0, NIS: 18.160.0.0 Engine Version: AM: 1.1.9302.0, NIS: 2.1.8904.0 Error - 2013-04-16 15:43:54 | Computer Name = bieniu-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NisSrv service. Error - 2013-04-16 15:44:24 | Computer Name = bieniu-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NisSrv service. Error - 2013-04-16 15:44:30 | Computer Name = bieniu-PC | Source = Service Control Manager | ID = 7043 Description = The Microsoft Antimalware Service service did not shut down properly after receiving a preshutdown control. Error - 2013-04-18 17:28:15 | Computer Name = bieniu-PC | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort1. < End of report >