OTL Extras logfile created on: 2014-07-15 21:02:17
Transkrypt
OTL Extras logfile created on: 2014-07-15 21:02:17
7733 OTL Extras logfile created on: 2014-07-15 21:02:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seba\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17207) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,83% Memory free 7,98 Gb Paging File | 6,60 Gb Available in Paging File | 82,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 90,00 Gb Total Space | 25,41 Gb Free Space | 28,23% Space Free | Partition Type: NTFS Drive D: | 21,44 Gb Total Space | 6,03 Gb Free Space | 28,13% Space Free | Partition Type: NTFS Computer Name: SEBAPC | User Name: Seba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNativeundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-438653373-4278712116-290565511-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32undll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32undll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{144079A7-F9C5-48A1-A3A8-C8FB0D13A109}" = lport=3478 | protocol=17 | dir=in | name=war thunder | "{1CECF153-CC7D-4F4A-A7E9-3B57625A4296}" = lport=8090 | protocol=6 | dir=in | name=war thunder | "{1E688516-E777-4678-9D92-43DF31144C90}" = lport=33333 | protocol=6 | dir=in | name=war thunder | "{1F2E397E-8DAA-4D9E-816F-6F3680B2D68D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files vidia corporation vstreamsrv vstreamsvc.exe | "{2F61FCF7-D6A5-4B39-8E4A-2AFF997D9C1A}" = lport=7850 | protocol=6 | dir=in | name=war thunder | "{343E7E3C-D05A-4863-8931-5DBC9B624E62}" = lport=27022 | protocol=6 | dir=in | name=war thunder | "{3977E0F3-CF78-4755-827E-F7BA1C06FB07}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86) vidia corporation etservice vnetworkservice.exe | "{3ED8F3C7-4712-4C59-9C34-74809E369D67}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86) vidia corporation etservice vnetworkservice.exe | "{60A3BACF-1C89-4E1C-B7BF-CE339562732D}" = lport=47984 | protocol=6 | dir=in | app=c:\program files vidia corporation vstreamsrv vstreamsvc.exe | "{6328C487-5F73-4011-B50B-932B0A9541A4}" = lport=7853 | protocol=6 | dir=in | name=war thunder | "{65C0F7F1-0B84-46C8-B267-617FF3A8B433}" = lport=20443 | protocol=6 | dir=in | name=war thunder | "{73BE3367-9262-451C-92B2-9951C2075114}" = lport=47991 | protocol=6 | dir=in | app=c:\program files vidia corporation vstreamsrv vstreamer.exe | "{8827A97C-49A8-4DCB-9FAB-4B7248DDA1E1}" = lport=48000 | protocol=17 | dir=in | app=c:\program files vidia corporation vstreamsrv vstreamer.exe | "{8EFF2F52-A831-41AD-B031-602CE02A0B7D}" = lport=7852 | protocol=6 | dir=in | name=war thunder | "{977AFC2A-11F4-43DC-9DAA-F157196082E3}" = lport=20010 | protocol=17 | dir=in | name=war thunder | "{BA012A33-57D8-4F77-8E89-E12604C1B47F}" = lport=6881 | protocol=6 | dir=in | name=war thunder | "{DB9D1CF9-2147-4850-81DF-E5B2E7715B98}" = lport=80 | protocol=6 | dir=in | name=war thunder | "{FDFFBE00-3A55-4522-AC30-B8C2025E293A}" = lport=443 | protocol=6 | dir=in | name=war thunder | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0356F4D7-AED1-45EE-8BBD-3D71632B20C1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{095C3AFA-CAB8-452B-AEF0-D478AD7DA2EE}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | "{0C8EBD93-71C5-4EBC-977E-6DF581201430}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{0CC30A19-4CF0-4683-9DB9-1877AFDC6792}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "{0ECE04F4-F069-4C12-9CEB-E43C57666148}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{31A2DCF5-7D45-41C8-BCEB-D188AEF8135E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts eed for speed(tm) hot pursuit\launcher.exe | "{3870A4BE-425B-48DD-92A2-75055EBAD0AC}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{3EB5AB46-ADBB-4433-8B2F-D27561785974}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4F0E72D9-4B1F-4AA3-A390-25F8B8B2599B}" = protocol=6 | dir=in | app=c:\users\seba\appdataoaming\utorrent\utorrent.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstoreesources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{588C53FC-C105-4256-8753-BD910D277180}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{589DB096-A9B3-4EB0-8175-5CBD0C200FD3}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{5B0A6673-61F0-4E8F-B065-31F232ACBF58}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{5E111B93-3DE0-49F9-9242-E8FCA42B65D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{623BC986-CFE4-4DC2-A839-963E7DD7675B}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{642F60AB-AB4F-47F3-BCBD-5DE0A041803C}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/re sources/communicationspackagename} | "{72D33BBB-00B5-4828-9213-EBDF75240ED4}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{7ADC2F7F-B9E3-4AFD-B800-26FD2344D0B0}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts eed for speed(tm) hot pursuit\launcher.exe | "{81215785-E176-413F-ACFA-01E1A6A086C6}" = dir=in | app=c:\program files (x86)\intel\extreme tuning utility\client\perftune.exe | "{8531BF1C-1293-4E3E-BF60-D5A4AD186E59}" = dir=in | name=skype | "{8AF5677A-5BB4-4629-864A-41DD42247C8A}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{98F99D4B-220C-4709-BE41-C2B59C45E9D2}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{9D584882-775F-4476-9E52-12625F52DF1C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstoreesources.pri?ms-resource://winstore/resources/displayname} | "{B2945A24-54AB-451F-BC65-D848B5622BEA}" = dir=out | name=skype | "{B304AB5D-42ED-44B7-815A-CF734EDE666D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{CFBA2897-E5B5-47B0-A066-D805B26A8942}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{D30D33C8-C172-4833-9454-23FCB3E8C781}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{E0BE5BFA-8F09-4030-AA18-21AE2BE8C79A}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | "{E62A311C-23B9-4255-ABA6-BF0E2AC3F42B}" = protocol=17 | dir=in | app=c:\users\seba\appdataoaming\utorrent\utorrent.exe | "{E7A3E0E4-CC7D-4E0C-B90D-04898D2F3757}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{EB68EFF3-B583-4543-9A84-FC888A09FFE4}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{F2E92447-8D88-4A5E-9976-29660F631CA8}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F68B888C-2874-4955-84FC-AFAB8BA0A9CC}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/re sources/communicationspackagename} | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "TCP Query User{09D3B574-8EEC-4D0D-9E18-320D15C12A46}D:\wot\wotlauncher.exe" = protocol=6 | dir=in | app=d:\wot\wotlauncher.exe | "TCP Query User{0E5B2A86-46AA-45E8-8B69-BA57DCE0B2F8}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query User{1AA1CD01-5D1E-4F74-8C22-BD5AFFADD5AE}D:\soldat\soldat.exe" = protocol=6 | dir=in | app=d:\soldat\soldat.exe | "TCP Query User{26934650-9F37-4F5E-AAE9-57C43846AC9A}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe | "TCP Query User{2BE1F908-BFF6-432E-A9D9-A4C31D010C6E}C:\users\seba\desktop\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\users\seba\desktop\soldat\soldat.exe | "TCP Query User{3D10A22B-D553-4AB6-A002-E69BFF59CBBA}C:\program files\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files\bitcoin\bitcoin-qt.exe | "TCP Query User{4C3654DE-CF8D-4D0D-9630-ABAD6805E5E1}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | "TCP Query User{645D5159-5119-434C-83D4-EDF5AEB0BB80}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{94BE67AF-8C41-4899-9276-043172B39658}D:\wowp\wowplauncher.exe" = protocol=6 | dir=in | app=d:\wowp\wowplauncher.exe | "TCP Query User{B77DCF4E-D1DF-4BF2-831C-862013DC8B74}C:\program files (x86)\gigabyte\et6\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\gbtupd.exe | "TCP Query User{BBE6FC0D-C99E-4B57-A9F0-03F03990CA2E}C:\users\seba\appdata\local\temp\b306.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\seba\appdata\local\temp\b306.tmp\kmservice.exe | "TCP Query User{DCE3A74F-0A15-4A50-A4F3-E6FF2349B0E6}C:\program files (x86)\xbmc\xbmc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe | "TCP Query User{E555DD53-98F0-4E7F-BF21-675D716A5D91}C:\users\seba\appdataoaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\seba\appdataoaming\spotify\spotify.exe | "TCP Query User{F607906B-8F35-46D1-BCC5-706BC64B00AF}D:\wot\worldoftanks.exe" = protocol=6 | dir=in | app=d:\wot\worldoftanks.exe | "UDP Query User{0BAC5FF4-DD67-4C8D-8623-109E5B7BF5AB}D:\wot\worldoftanks.exe" = protocol=17 | dir=in | app=d:\wot\worldoftanks.exe | "UDP Query User{115935CE-D23C-4ED5-9F4A-26A5DB23FD3E}C:\users\seba\appdataoaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\seba\appdataoaming\spotify\spotify.exe | "UDP Query User{204235FA-31EA-4FCC-AC41-C7DE207E3783}D:\wowp\wowplauncher.exe" = protocol=17 | dir=in | app=d:\wowp\wowplauncher.exe | "UDP Query User{27569D4F-5E4F-4789-97E7-D99660360768}C:\program files (x86)\gigabyte\et6\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\gbtupd.exe | "UDP Query User{37435430-095F-4BE7-B7D6-9B10E6DC2E87}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{43F72A59-50CF-476A-B77B-335C9062EE05}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe | "UDP Query User{620CFDAB-C6EB-4FCC-AF03-83C6A0330AE6}D:\soldat\soldat.exe" = protocol=17 | dir=in | app=d:\soldat\soldat.exe | "UDP Query User{71F0BB2F-FDE0-4001-85F7-748A84A57BB4}C:\users\seba\desktop\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\users\seba\desktop\soldat\soldat.exe | "UDP Query User{84A29F3E-E787-42A0-8484-1C868742C1B3}C:\users\seba\appdata\local\temp\b306.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\seba\appdata\local\temp\b306.tmp\kmservice.exe | "UDP Query User{B0671EEF-713D-4AA6-86C1-6E1F28196472}C:\program files\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files\bitcoin\bitcoin-qt.exe | "UDP Query User{CE5DBAA1-F7C0-431C-A5AD-55452E75AD44}C:\program files (x86)\xbmc\xbmc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe | "UDP Query User{D32DCFF2-7525-4AA0-8F99-B0B0D113A75D}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | "UDP Query User{D9B17D2A-6D94-4693-A139-1D9C087217F9}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{F49C54C2-2CE0-4093-B09B-02D721E62FC1}D:\wot\wotlauncher.exe" = protocol=17 | dir=in | app=d:\wot\wotlauncher.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01078B88-2981-4F75-96B0-8B22E2D2DE03}" = Microsoft SQL Server 2008 R2 Setup (English) "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.9.18.3794 "{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 SP1 Common Files "{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer "{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 SP1 Common Files "{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology "{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8909B8A7-CEAB-4772-BF29-1892C4E6603B}" = Microsoft SQL Server 2005 Backward compatibility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 SP1 Database Engine Shared "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23 "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files "{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}" = Adblock Plus for IE (32-bit and 64-bit) "{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 SP1 Database Engine Shared "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{D8C23BDE-4748-44D9-A9DD-8AB64EB18BE3}" = Microsoft SQL Server 2008 R2 RsFx Driver "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 SP1 Database Engine Services "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 SP1 Database Engine Services "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.68 "doPDF 7 printer_is1" = doPDF 7.3 printer "GIMP-2_is1" = GIMP 2.8.10 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit) "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit) "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PotPlayer64" = Potplayer-64 Bits "SMPlayer" = SMPlayer 14.3.0 (x64) "WinRAR archiver" = WinRAR 5.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant Standard Edition 5.5 "{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{179324FF-7B16-4BA8-9836-055CAAEE4F08}" = SDFormatter "{185df49c-e692-4c00-a9ff-827bc6f4c8bf}" = Intel Extreme Tuning Utility "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D FurMark 1.13.0 "{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60 "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT) "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1121.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1" = Ontrack EasyRecovery Professional "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16 "{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}" = TP-LINK TL-WN721N_TL-WN722N Driver "{913E2B02-1BA9-4B38-991B-31C717F9D00C}" = e-Deklaracje Desktop "{9865A4C3-BCFC-455A-A72F-314C65C83344}" = Intel Extreme Tuning Utility "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A76A2E24-6590-44B4-8126-FAB1A7993A64}" = Unigine Sanctuary Demo v2.3 "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Polish "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C206CD7D-7CFE-4F0C-BC68-8873CDE3A5F5}_is1" = MiniAide Fat32 Formatter Home Edition version 1.05 "{D9933B87-F472-486A-BC56-9D04FD6838EF}" = Xmarks for IE "{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1" = Live Update 5 "{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1" = Thunder Master v2.3 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{fd97d1e2-368a-4cd9-af63-8eeff938044a}" = Adblock Plus for IE "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 "3FD0C489-0F02-481a-A3E1-9754CD396761" = Intel® Watchdog Timer Driver (Intel® WDT) "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "CrystalDiskInfo_is1" = CrystalDiskInfo 6.1.1 "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "FileZilla Client" = FileZilla Client 3.8.1 "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1121.1 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 10.3.0 Full "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "Mozilla Firefox 30.0 (x86 pl)" = Mozilla Firefox 30.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OCCT" = OCCT 4.4.0 "Pidgin" = Pidgin "PITy2013IPS_is1" = PITy2013 IPS 1.5.6.0 kompilacja:1.5.6.3 "Soldat_is1" = Soldat 1.6.7 "SpeedFan" = SpeedFan (remove only) "Spintires_is1" = Spintires "SSD Fresh_is1" = SSD Fresh "Stardock Fences 2" = Stardock Fences 2 "Steam" = Steam "SumatraPDF" = SumatraPDF "TeamViewer 9" = TeamViewer 9 "TechPowerUp GPU-Z" = TechPowerUp GPU-Z "The KMPlayer" = The KMPlayer (remove only) "Winamp" = Winamp [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-438653373-4278712116-290565511-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent "XBMC" = XBMC [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-05-21 01:21:29 | Computer Name = sebapc | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 2014-05-21 04:02:52 | Computer Name = sebapc | Source = Microsoft-Windows-Defrag | ID = 257 Description = [ System Events ] Error - 2014-07-15 14:37:11 | Computer Name = sebapc | Source = DCOM | ID = 10010 Description = Error - 2014-07-15 14:40:47 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi AVGIDSAgent z powodu następującego błędu: %%2 Error - 2014-07-15 14:40:47 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi AVG WatchDog z powodu następującego błędu: %%2 Error - 2014-07-15 14:44:36 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Zapora AVG z powodu następującego błędu: %%2 Error - 2014-07-15 14:45:50 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi AVGIDSAgent z powodu następującego błędu: %%2 Error - 2014-07-15 14:45:50 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi AVG WatchDog z powodu następującego błędu: %%2 Error - 2014-07-15 14:56:05 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Zapora AVG z powodu następującego błędu: %%2 Error - 2014-07-15 15:00:39 | Computer Name = sebapc | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:56:05 na ?2014-?07-?15 było nieoczekiwane. Error - 2014-07-15 15:00:41 | Computer Name = sebapc | Source = BugCheck | ID = 1001 Description = Error - 2014-07-15 15:00:40 | Computer Name = sebapc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Zapora AVG z powodu następującego błędu: %%2 < End of report > Zrodlo: http://wklej.se/7733