OTL Extras logfile created on: 05-08-2013 13:13:32 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tokaj\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 2,75 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 66,18% Memory free 5,50 Gb Paging File | 4,30 Gb Available in Paging File | 78,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 54,63 Gb Total Space | 4,52 Gb Free Space | 8,27% Space Free | Partition Type: NTFS Drive E: | 29,49 Gb Total Space | 12,81 Gb Free Space | 43,45% Space Free | Partition Type: NTFS Drive F: | 213,87 Gb Total Space | 81,29 Gb Free Space | 38,01% Space Free | Partition Type: NTFS Drive Z: | 100,00 Mb Total Space | 64,91 Mb Free Space | 64,92% Space Free | Partition Type: NTFS Computer Name: TOKAJ-KOMPUTER | User Name: tokaj | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3947307290-2269647741-2606122387-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{007BC204-1A30-4A7A-B821-C6E95EC57BF7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{21F3E1EA-D411-4F0B-9189-5DE27BC8B467}" = rport=137 | protocol=17 | dir=out | app=system | "{22BFA620-E3A4-47C0-BC66-1A4833847D9D}" = rport=445 | protocol=6 | dir=out | app=system | "{2DBDB6BF-EC37-4AD2-923B-AC9C382FAB7F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2E0442B3-9E8E-4C0D-A9F4-7D3A2E0B6FD1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2E515ED5-6F35-41C3-8AA5-31D7C919FAF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{50BAFCF4-CEA3-46A8-8597-4D9F4AD93F4F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{51A605FF-3A11-420A-8AFC-168BF48953DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{568175B7-27E7-42A9-A53B-60C8F2A40635}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5774CD9D-F572-4649-9C74-41E53FD3273E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5BB09B17-63DA-4C0D-BD53-F3C78BAAF45D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6F8C2033-6690-4770-A260-75DD0A08ADE7}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{71E75A32-A9F1-46E3-86FC-AB55C57CEF94}" = lport=2869 | protocol=6 | dir=in | app=system | "{7391AC9D-3C2E-4575-A0D0-8513F1D02D8E}" = lport=137 | protocol=17 | dir=in | app=system | "{75EE2827-4177-4226-93E6-956EDCA9068B}" = rport=139 | protocol=6 | dir=out | app=system | "{7CF24975-269D-4BF1-AF12-A186BD17F208}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{82FEC9A3-AF2A-4096-BDE3-90DFE7474AFC}" = lport=445 | protocol=6 | dir=in | app=system | "{8C9975D6-48BA-4A50-9F2E-016E5161E989}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{93E3247B-F30A-4DEF-84C1-9FBDB908213D}" = lport=139 | protocol=6 | dir=in | app=system | "{9AD4507B-58EA-451A-8127-49C9C3AEDE32}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9C902849-93F0-41AD-8DAD-61454BEE79FE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AABB4580-7769-41C0-96A9-2E2993ACAD75}" = lport=138 | protocol=17 | dir=in | app=system | "{B8963991-3E17-451B-995A-92CDA0FAB56B}" = lport=2869 | protocol=6 | dir=in | app=system | "{C6B4BF33-1002-4DDC-84C4-7A9E94698B98}" = rport=138 | protocol=17 | dir=out | app=system | "{D1D87C88-0C77-40F9-90F0-3D9215112D47}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D9EE62B0-BD1D-4DB0-A971-76645BCD4B27}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{DEE54432-02D6-4154-A63F-A49FAFA7D405}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DF940653-AE28-46B3-B500-8E5B2AB91EAE}" = lport=10243 | protocol=6 | dir=in | app=system | "{E00DF8A5-3383-4861-AAF4-243ED844C509}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F0BFC4EB-C5B7-45A2-B1ED-1F3414405E51}" = rport=2869 | protocol=6 | dir=out | app=system | "{F399D49E-B547-4847-802E-F4DAF72B8A69}" = rport=10243 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{039053BA-4438-40C1-B6F5-9D0C74F14BC7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{0B46F448-EF08-4572-87D7-56342BB182F1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | "{0BD8AC44-17A6-4122-B069-60BC30E1CD79}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1333375729\ee\aolsoftware.exe | "{0CF7C7ED-42C2-4357-902C-C9A60CA75EB6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{13FCAEDD-9385-435A-98DD-E2DE06D30E95}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1333375729\ee\aolsoftware.exe | "{15C09549-0D5F-45DF-956D-DB5E74CE7426}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{16ACFF2D-A660-480E-BD64-959C9BD1F8FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1809280B-34A4-4668-8625-98648AC7F644}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{28649292-3D0E-4AC3-B993-B8D28FFF3DC9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{28D702C4-CE6E-458E-945D-7F67344B052A}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{29E344F8-5EC2-42F1-ADD6-08F15BBEA408}" = protocol=17 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | "{318B9B78-9301-4582-99CF-C7C9E48F32F2}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{36452140-9E97-4CAF-84A8-010C8717A74A}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{387D1AC1-0835-4AE0-A9D7-4F45735AEC9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3FF5D9A6-1DC0-4E02-BCE1-2798EB762A20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{406A7543-0361-43D8-A7BA-5ABB1E10472E}" = protocol=17 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | "{45C06A9A-EF8E-495E-B23A-C07A46E81BB9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{4871BB82-2440-4A0B-984F-B326DE0495FE}" = protocol=17 | dir=in | app=f:\world_of_warplanes\wowplauncher.exe | "{4A901613-B867-42A4-B0E2-DFBF3C27FE35}" = dir=out | app=c:\program files\gsa search engine ranker\search_engine_ranker.exe | "{4B9DA421-7217-4669-9EBB-9F5A73BD89FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4BC16A16-7DCF-4DCE-A1CA-636429A99C8A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{508235E5-A9B8-4788-8AD0-1365F1220CA6}" = protocol=6 | dir=in | app=c:\program files\iolo\system mechanic professional\sysmech.exe | "{64A63D3F-506C-4B79-A1ED-9B853E4094E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{666CB166-F1DF-4C6E-85BD-2C8CE25DE805}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6CE533E2-F82F-403C-8A86-63FBB06DBE9C}" = protocol=6 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | "{6FA98CED-1576-404D-AEC1-3762A9AEA0F5}" = protocol=6 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | "{7B0B2DED-7D7C-4636-BBE2-8A2E2D447610}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe | "{8C55CD7A-F222-497A-9CA4-FC63B649A935}" = protocol=17 | dir=in | app=c:\program files\gsa search engine ranker\search_engine_ranker.exe | "{9132D6C7-8B16-44FF-9611-C86A4EC35CF6}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{98C1EC22-CBFC-450E-ADCE-464F0B201C20}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{9916832E-E726-4CDB-B852-18DEE8C42C98}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9922423F-DECB-4F33-A1C4-9F4D948B8014}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9B5E7A73-DF18-4A1A-90DA-C48DA7B477A4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A174FA14-BB32-4EB4-8129-3021B2C6A2DC}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe | "{A1A19625-A004-4B21-9163-90B705FF87F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A79A04CD-1408-43BB-A225-6F6A256DED20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A8374E7E-9B9D-48A8-915C-81F8277D8811}" = protocol=17 | dir=in | app=c:\program files\iolo\system mechanic professional\sysmech.exe | "{AA7820C7-C323-4570-AADF-DDA5E83BAFAA}" = protocol=6 | dir=in | app=c:\program files\gsa search engine ranker\search_engine_ranker.exe | "{AE12CC6E-99D6-4FF1-85E5-1A504B17F31A}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{AE50A947-22C1-4582-994E-1BF82388BC2B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{AF7A8930-C0B0-4C0F-8391-9B48031A7492}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B1128B94-68E5-4593-B8B6-1BAC6230A5D3}" = protocol=6 | dir=in | app=f:\world_of_warplanes\wowplauncher.exe | "{B74DAC28-8060-49C1-9DF4-4C5F052254DF}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{B859AED8-710B-4A54-8D53-E9811851C206}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe | "{B9D095DB-1DCF-449A-8BDB-A9CBF66F0284}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | "{BA64E1DE-7BFF-4C43-8F78-5C88FB1D8D4A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1333375180\ee\aolsoftware.exe | "{BC403BA6-04FD-4F57-910F-88F02249DC12}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1333375180\ee\aolsoftware.exe | "{C5A424E3-4969-4B8A-B2EC-6D331D1256A1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{D4735E0F-1D36-4F5E-A848-300F75ED0BA1}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe | "{D4E129E1-CC14-45D4-BE74-5C21C4B27CC7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E532D860-2A90-4ED9-AF3D-9ED82DA20D0C}" = protocol=6 | dir=out | app=system | "{F5C67854-7A46-4829-BDB5-2C604EF7BC65}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "TCP Query User{2A578A51-F685-4E74-A412-F697AB920AC3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{5869A30E-B14B-4153-AC84-3E11015E007E}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{6032EC58-32CC-44F3-A08A-27B377655334}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{72E0E243-D684-4DE3-8B69-F49BCBB573E6}C:\program files\tlen7\tlen7.exe" = protocol=6 | dir=in | app=c:\program files\tlen7\tlen7.exe | "TCP Query User{8EBC810E-AC0F-4F69-9EE0-D1A154AB1FBE}F:\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=f:\world_of_warplanes\wowplauncher.exe | "TCP Query User{9416483D-F83B-4FDB-B275-40CED34B54D6}C:\windows\system32\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "TCP Query User{C0AB947C-0894-4B15-97DC-20F022878F9E}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{D6591D8B-3477-472B-AAD8-51B311305D46}C:\program files\tlen7\tlen7.exe" = protocol=6 | dir=in | app=c:\program files\tlen7\tlen7.exe | "TCP Query User{F9C90690-AD65-4967-A5D5-C2D8ED028BA7}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{FB395D74-2F7E-426E-B728-0076C4A619DD}C:\windows\system32\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "TCP Query User{FC54577A-FA22-4D69-9FCD-13537C9FC4A0}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{0AA7F782-EABE-4EC5-881C-CE92DD9685EC}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{2F36904B-6F0B-4A7C-8231-F8076ECF127E}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{308AC801-45F5-48F0-B4F0-62594D5AA0DD}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{3E93AABD-8750-4DA1-8987-484BED9DCF51}C:\program files\tlen7\tlen7.exe" = protocol=17 | dir=in | app=c:\program files\tlen7\tlen7.exe | "UDP Query User{4C1689A1-7EE6-4E3D-9EBD-FB980332A6E0}F:\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=f:\world_of_warplanes\wowplauncher.exe | "UDP Query User{8879EDF1-4EDC-48B3-81D0-B6B41F7799CD}C:\windows\system32\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "UDP Query User{BDB925E3-F992-4383-8E77-CD19DDC7DDFB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{C0E68793-B96A-42AF-AE61-B8B111FB762E}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{C706830C-39EC-486B-ACB7-A019ABDB2224}C:\program files\tlen7\tlen7.exe" = protocol=17 | dir=in | app=c:\program files\tlen7\tlen7.exe | "UDP Query User{C8D53254-265A-45CC-997A-7AC3E5BCFD2F}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{CA37AC8D-3418-4A14-85AF-21B407246A05}C:\windows\system32\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0240C3B0-AD14-4AB4-966A-484E8D14477F}" = Bezpieczeństwo rodzinne usługi Windows Live "{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime "{027B5748-C409-41FE-949B-7B81A8304EF4}" = SpyHunter "{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files "{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1" = World of Warplanes "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared "{48494430-A8AB-11E0-939A-005056C00008}" = MSVCRT Redists "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client "{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12 "{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1" = Share YouTube Videos version 1 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help "{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help "{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{670A2206-F20A-490C-8C13-25EA88BF8E53}_is1" = e-pity 2010 "{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1 "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Polish "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B35D74AE-A323-E232-1E11-4C8D961FDA24}" = Dailymotion Mass Uploader "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B6892A3F-51F5-4BA4-92E5-3F4A1A10720D}" = Podstawowe programy Windows Live "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer "{BCADF94B-1833-4797-981D-FD258EF5F661}" = PZU Symulator "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser "{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help "{CF589477-3D27-4C6F-82A3-78547ACAC55D}" = Galeria fotografii usługi Windows Live "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files "{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8 "{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E7D1103F-2AB2-454F-876F-6F66153F277D}" = PHP 5.3.17 "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F161A0DD-AAA9-4938-A741-ED491F77D034}" = TuneUp Utilities Language Pack (pl-PL) "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F484219D-D8C6-4B08-8D55-1B181D22BB2C}" = Snap.Do "{F56A55E8-F340-484B-83A5-39C440F0407C}" = Oracle VM VirtualBox 4.2.14 "{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help "{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86) "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "360 Internet Security 2013" = 360 Internet Security 2013 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced SystemCare 6_is1" = Advanced SystemCare 6 "AVG SafeGuard toolbar" = AVG SafeGuard toolbar "Browser Defender_is1" = Browser Guard 4.0 "Bytessence InstallMaker 4.21" = Bytessence InstallMaker 4.21 "CCleaner" = CCleaner "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "com.dailymotion.massuploader" = Dailymotion Mass Uploader "CPUID HWMonitor_is1" = CPUID HWMonitor 1.16 "CyberGhost VPN_is1" = CyberGhost VPN "DRACO - Rachunki" = DRACO - Rachunki "FastStone Capture" = FastStone Capture 7.5 "GIMP-2_is1" = GIMP 2.8.6 "InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11 "iSafe" = iSafe "KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full) "LameACM" = LameACM "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU "Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU "Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU "Mozilla Firefox 22.0 (x86 pl)" = Mozilla Firefox 22.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Multimedia Fusion Developer 2" = Multimedia Fusion Developer 2 "Notepad++" = Notepad++ "Opera 12.15.1748" = Opera 12.15 "RealAlt_is1" = Real Alternative 1.9.0 "ResourceHacker_is1" = Resource Hacker Version 3.6.0 "SpeedFan" = SpeedFan (remove only) "TNod" = TNod User & Password Finder "Totalcmd" = Total Commander (Remove or Repair) "Traffic Travis 4.1 Setup Wizard_is1" = Traffic Travis 4.1.0 "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 2.0.7 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR 4.11 (32-bitowy) "XnView_is1" = XnView 1.97.4 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3947307290-2269647741-2606122387-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CodeBlocks" = CodeBlocks "GG" = GG "Google Chrome" = Google Chrome "Tlen.pl" = Tlen.pl [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 02-08-2013 02:01:03 | Computer Name = tokaj-Komputer | Source = MSSQL$SQLEXPRESS | ID = 3414 Description = An error occurred during recovery, preventing the database 'master' (database ID 1) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support. Error - 02-08-2013 07:02:57 | Computer Name = tokaj-Komputer | Source = ATIeRecord | ID = 16388 Description = ATI EEU Client event error Error - 02-08-2013 08:39:44 | Computer Name = tokaj-Komputer | Source = SideBySide | ID = 16842811 Description = Nie można wygenerować kontekstu aktywacji dla "F:\GRMCHPFREO PL DVD\Aktywator.exe". Błąd w pliku manifestu lub w pliku zasad "F:\GRMCHPFREO PL DVD\Aktywator.exe" w wierszu 0. Nieprawidłowa składnia XML. Error - 04-08-2013 14:54:37 | Computer Name = tokaj-Komputer | Source = MSSQL$SQLEXPRESS | ID = 3414 Description = An error occurred during recovery, preventing the database 'master' (database ID 1) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support. Error - 05-08-2013 02:18:54 | Computer Name = tokaj-Komputer | Source = MSSQL$SQLEXPRESS | ID = 3414 Description = An error occurred during recovery, preventing the database 'master' (database ID 1) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support. Error - 05-08-2013 05:04:48 | Computer Name = tokaj-Komputer | Source = Application Hang | ID = 1002 Description = Program firefox.exe w wersji 22.0.0.4917 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1574 Godzina rozpoczęcia: 01ce91ba5d1611a5 Godzina zakończenia: 28 Ścieżka aplikacji: C:\Program Files\Mozilla Firefox\firefox.exe Identyfikator raportu: 1179a99e-fdae-11e2-a020-406186120a37 Error - 05-08-2013 05:15:06 | Computer Name = tokaj-Komputer | Source = Application Hang | ID = 1002 Description = Program firefox.exe w wersji 22.0.0.4917 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 970 Godzina rozpoczęcia: 01ce91bad7697d3d Godzina zakończenia: 38 Ścieżka aplikacji: C:\Program Files\Mozilla Firefox\firefox.exe Identyfikator raportu: 81439b81-fdaf-11e2-a020-406186120a37 Error - 05-08-2013 06:25:44 | Computer Name = tokaj-Komputer | Source = MsiInstaller | ID = 11721 Description = Error - 05-08-2013 06:31:25 | Computer Name = tokaj-Komputer | Source = MsiInstaller | ID = 11721 Description = Error - 05-08-2013 06:42:58 | Computer Name = tokaj-Komputer | Source = MSSQL$SQLEXPRESS | ID = 3414 Description = An error occurred during recovery, preventing the database 'master' (database ID 1) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support. [ System Events ] Error - 05-08-2013 07:02:50 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:03:20 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:03:50 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:04:20 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:04:50 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:05:20 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:05:50 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:06:20 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:06:50 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. Error - 05-08-2013 07:07:20 | Computer Name = tokaj-Komputer | Source = Service Control Manager | ID = 7003 Description = Usługa PC Tools Browser Defender Driver zależy od następującej usługi: PCTCore. Ta usługa może nie być zainstalowana. < End of report >