OTL Extras logfile created on: 2014-02-13 10:04:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\666\Desktop\Antywirus 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,95 Gb Total Physical Memory | 13,66 Gb Available Physical Memory | 85,63% Memory free 31,89 Gb Paging File | 29,63 Gb Available in Paging File | 92,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,66 Gb Total Space | 32,36 Gb Free Space | 33,14% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 28,07 Gb Free Space | 71,86% Space Free | Partition Type: NTFS Drive E: | 426,70 Gb Total Space | 2,79 Gb Free Space | 0,65% Space Free | Partition Type: NTFS Drive F: | 1765,36 Gb Total Space | 46,96 Gb Free Space | 2,66% Space Free | Partition Type: NTFS Computer Name: 666-KOMPUTER | User Name: 666 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4032048033-1112140665-3683857433-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02C8F353-250A-430D-8F42-8BBC96865939}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{0F848FC5-F796-4CB1-BE73-0C579F178ED6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{11610627-2306-4125-9FE9-D79E8515D68E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{1954497A-50D0-4239-A894-441ED05F6E22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{27B89672-D7AE-4140-9ABD-86C90E7D233F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{41A3AD90-6407-4606-BB11-3DA24F117FEA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{54723A40-9FD7-4F6F-9985-CAEDAD93A729}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{59173C71-52C9-4A19-8A0E-353CEEB68407}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{5AA64B70-BB9D-430B-88E4-48AECAADF993}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{66A3FCE7-9449-45FF-8825-39DECCC590CC}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{82430D0B-78B4-4A2B-A02D-B53772372B08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{8940562A-4F78-4745-9AB7-7527A318C23C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{984A9CDF-4449-4A78-A565-B5ABB67B8C78}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{A808E8E9-9206-4789-87A0-567C47A2D540}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{B401C191-D62F-4015-B455-7D42E300A42F}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{BB993927-0E63-426A-960B-910AE25C89C9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{BEC2B3C5-1D54-40C7-A090-34EC09066D2A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{CD9F7CCF-ABE5-42B2-94EE-5721E028DF98}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{CE71457D-FB38-4552-B58E-A595A8F60B54}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{CE7A0BED-0CE9-4F1F-9D7A-312C42D457D8}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{D5AF96D6-8DE0-469A-826A-4C779296350F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{DF7500E7-4295-426A-BEF7-4C8F51B8FE1C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{F200E300-3FFB-4F4A-9A5E-D141F5A58C32}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{FA32421B-A108-492D-BE42-40FBCF2D8496}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2919F6D5-53C7-475B-BD49-6B3F49563253}" = dir=in | app=c:\program files (x86)\cyberlink\powercinema\powercinema.exe | "{29439545-7D93-42FD-ADC1-33FDE1E2D1D5}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tveservice.exe | "{34B9BD92-A627-4A7E-A68E-CAE6F3C60F6B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{3F9DCC9A-8A80-4B71-836C-5C511AF9D32B}" = protocol=17 | dir=in | app=f:\gry\max payne 3\playmaxpayne3.exe | "{5C24D813-3937-4274-88E3-43A6D824ED9E}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tvenhance.exe | "{6AA37710-38CF-4773-A5B1-51DBBBAB49B7}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tveservice.exe | "{78B3FD29-9F16-4009-A43A-E293CA9177F4}" = dir=in | app=c:\program files (x86)\cyberlink\playmovie\pmvservice.exe | "{816A623F-277D-4EE0-ADD5-CFF98E30CFE6}" = dir=out | app=f:\gry\max payne 3\playmaxpayne3.exe | "{8B184D4B-258C-4BD4-8FF0-E959414C6E67}" = protocol=6 | dir=in | app=f:\gry\max payne 3\playmaxpayne3.exe | "{8C5110B8-E46F-4798-BF03-7194A8CCF772}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tveservice.exe | "{A3927820-DD61-4E99-BA3E-36C011BE2F04}" = dir=out | app=f:\gry\max payne 3\maxpayne3.exe | "{C59DB5A0-EB22-4229-9A34-42796DB7B51B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{C66B3059-74CD-41C7-B63B-EA406360E49B}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tveservice.exe | "{D39A7D55-B21D-4DCD-9CC3-6CC8BB6252FC}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tvenhance.exe | "{DDB6A240-88C9-4E74-9D1A-9D806A6511FA}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tvenhance.exe | "{E3D8E8FF-B707-41E3-8557-47A3438BD67E}" = dir=in | app=c:\program files (x86)\cyberlink\playmovie\playmovie.exe | "{EBD3ACD4-97C2-4118-BB27-788B95B96A10}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{ED3C9369-A038-4955-B136-8A8180F8481D}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\tv enhance\tvenhance.exe | "TCP Query User{04792D3A-34ED-4A0E-A7DF-68C84791D723}F:\gry\worms revolution\worms revolution\wormsrevolution.exe" = protocol=6 | dir=in | app=f:\gry\worms revolution\worms revolution\wormsrevolution.exe | "TCP Query User{06E53870-96A1-488A-B6D6-A6A9BD62078D}F:\gry\nfs mw\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=f:\gry\nfs mw\need for speed most wanted\nfs13.exe | "TCP Query User{5BD78AA9-5043-4948-B5D3-13313ED6BD72}F:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuclient.exe" = protocol=6 | dir=in | app=f:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuclient.exe | "TCP Query User{C3DAA279-FF99-4F34-ADE2-857ECBA15617}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{CB045C61-D608-4024-B408-EDCD3F723C94}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{CE30B93E-8AD2-46B9-97E6-CE8DEE4D9AFB}F:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuserver.0.9.9.exe" = protocol=6 | dir=in | app=f:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuserver.0.9.9.exe | "TCP Query User{CF7F39FC-C16D-405A-83FF-2F30633C6B5B}F:\gry\gta4-eflc\eflc.exe" = protocol=6 | dir=in | app=f:\gry\gta4-eflc\eflc.exe | "TCP Query User{DD879BBA-E6F3-4210-A88D-045ECA7E1F15}F:\gry\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=f:\gry\max payne 3\maxpayne3.exe | "TCP Query User{F441D3D4-47DC-4EDD-A9B6-737A5EC43AD9}F:\gry\mortal kombat - komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=f:\gry\mortal kombat - komplete edition\disccontentpc\mkke.exe | "UDP Query User{64BFD68A-344C-4497-8FE6-2B1C117A3744}F:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuserver.0.9.9.exe" = protocol=17 | dir=in | app=f:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuserver.0.9.9.exe | "UDP Query User{7DD15AD5-5AE5-448D-B7E2-C144ECD952CF}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{8787A873-886C-4D81-BA93-D99E8D20FDA6}F:\gry\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=f:\gry\max payne 3\maxpayne3.exe | "UDP Query User{8D3C0845-6DCE-4662-9DE4-4BA4F521BBE3}F:\gry\worms revolution\worms revolution\wormsrevolution.exe" = protocol=17 | dir=in | app=f:\gry\worms revolution\worms revolution\wormsrevolution.exe | "UDP Query User{9FA43154-C70B-4FAE-A8AC-DACA34657E04}F:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuclient.exe" = protocol=17 | dir=in | app=f:\obrazy płyt + dodatki\dodatki do gier\nfsu\nfsu_lan.0.9.9\nfsuclient.exe | "UDP Query User{AE5163DC-195C-4191-80DE-C850EE890BA4}F:\gry\mortal kombat - komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=f:\gry\mortal kombat - komplete edition\disccontentpc\mkke.exe | "UDP Query User{DD9C268F-40AB-427A-8CB5-FCB326C0647D}F:\gry\nfs mw\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=f:\gry\nfs mw\need for speed most wanted\nfs13.exe | "UDP Query User{EF11D23B-6102-46E5-94B4-2F95F8746815}F:\gry\gta4-eflc\eflc.exe" = protocol=17 | dir=in | app=f:\gry\gta4-eflc\eflc.exe | "UDP Query User{F4716D3F-505E-4AEC-9CBB-9642F1A7E217}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio 2.7.2 "{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client "{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{46665C63-E5FA-45FE-ACBC-C1B6A78483F3}" = NVIDIA Nsight Visual Studio Edition 3.1.0.13141 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}" = MSVCRT Redists "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocumentation_5.5" = NVIDIA CUDA Documentation 5.5 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 11.10.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.67.1 "MediaInfo" = MediaInfo 0.7.62 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{248E4799-DB04-4B1A-902C-194669F995CE}" = Nero Move it "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40 "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1 "{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime "{4545A589-F76E-4514-B0CE-2F11AB6CEC7A}_is1" = GTA IV Episodes from Liberty City "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7534AD6F-A485-42A4-AE5A-43828817F29A}_is1" = Free CUDA Video Converter 7 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{7BC02A8D-DAE7-400C-BD07-F5C33034FDB5}_is1" = VSO Blu-ray Converter Ultimate 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{879E1A85-4B17-48CF-8D73-6CC09F46497E}_is1" = Connon Fodder 3 version 1.0 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter "{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent "{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Polish "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{DEFA5390-8533-47B5-81F7-3816916BDC6F}" = Nero Move it Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Any Audio Converter_is1" = Any Audio Converter 4.0.1 "Audacity_is1" = Audacity 2.0.2 "AutoGK" = Auto Gordian Knot 2.55 "avast" = avast! Free Antivirus "Avidemux 2.6 - 64bits (64-bit)" = Avidemux 2.6 - 64bits "AviSynth" = AviSynth 2.5 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.2.1 Home Edition "Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 3.0.0.1 "HandBrake" = HandBrake 0.9.9.1 "ImgBurn" = ImgBurn "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full "LAME_is1" = LAME v3.99.3 (for Windows) "Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0" = Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0 "MKVToolNix" = MKVToolNix 6.7.0 [20140102-565] "Mortal Kombat Komplete Edition_is1" = Mortal Kombat Komplete Edition "Mozilla Firefox 27.0 (x86 pl)" = Mozilla Firefox 27.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Need for Speed Most Wanted_is1" = Need for Speed Most Wanted "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PowerISO" = PowerISO "Rockstar Games Social Club" = Rockstar Games Social Club "Superfrog HD_is1" = Superfrog HD version 1.0 "The KMPlayer" = The KMPlayer (remove only) "Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions "VobSub" = VobSub v2.23 (Remove Only) "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "Worms Revolution_is1" = Worms Revolution "Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate "XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only) "Żulionerzy NG_is1" = Żulionerzy NewGeneration [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4032048033-1112140665-3683857433-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-02-11 03:51:30 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-11 08:29:14 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-11 14:19:04 | Computer Name = 666-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\666\Downloads\SoftonicDownloader_dla_partition-wizard-bootable-cd.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 2014-02-11 16:04:04 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-11 16:13:53 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-12 05:25:32 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-12 15:14:44 | Computer Name = 666-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 11.10.11.1, sygnatura czasowa: 0x52ddc011 Nazwa modułu powodującego błąd: nvspcap.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52dde0cc Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x100c9860 Identyfikator procesu powodującego błąd: 0x86c Godzina uruchomienia aplikacji powodującej błąd: 0x01cf27d42cf18177 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: nvspcap.dll Identyfikator raportu: edc9d3a6-9419-11e3-a168-902b34a2f4ab Error - 2014-02-12 15:14:54 | Computer Name = 666-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 11.10.11.1, sygnatura czasowa: 0x52ddc011 Nazwa modułu powodującego błąd: nvspcap.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52dde0cc Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x1000c292 Identyfikator procesu powodującego błąd: 0x86c Godzina uruchomienia aplikacji powodującej błąd: 0x01cf27d42cf18177 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: nvspcap.dll Identyfikator raportu: f3ac1ba4-9419-11e3-a168-902b34a2f4ab Error - 2014-02-13 04:31:12 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-13 04:46:00 | Computer Name = 666-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-01-18 06:19:15 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7032 Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error - 2014-01-20 06:25:46 | Computer Name = 666-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:12:44 na ?2014-?01-?20 było nieoczekiwane. Error - 2014-02-06 05:15:52 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi eventlog. Error - 2014-02-06 05:18:26 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7022 Description = Usługa Windows Update zawiesiła się podczas uruchamiania. Error - 2014-02-11 16:01:34 | Computer Name = 666-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-02-13 04:39:21 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-02-13 04:40:50 | Computer Name = 666-Komputer | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2014-02-13 04:41:12 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-02-13 04:53:11 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-02-13 04:55:02 | Computer Name = 666-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. < End of report >