OTL Extras logfile created on: 2015-01-08 21:23:24 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy\Kasowanie blednych lokow wirusówOTL FRST 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 59,13% Memory free 8,00 Gb Paging File | 6,18 Gb Available in Paging File | 77,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,59 Gb Total Space | 11,97 Gb Free Space | 20,43% Space Free | Partition Type: NTFS Drive D: | 137,27 Gb Total Space | 26,55 Gb Free Space | 19,34% Space Free | Partition Type: NTFS Drive E: | 134,95 Gb Total Space | 50,10 Gb Free Space | 37,12% Space Free | Partition Type: NTFS Drive F: | 134,95 Gb Total Space | 9,90 Gb Free Space | 7,34% Space Free | Partition Type: NTFS Computer Name: NIESMIERTELNY | User Name: Niiesmiertelny | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = OperaStable] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = OperaStable] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-2955672183-3658250396-1376213474-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0191AF2B-97DD-4E46-B0E5-9BB811E6F80A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{113E538B-F41D-4C6B-A507-A3E4BB17CFCC}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{1262C1DC-98B2-45F3-B036-3557F292F867}" = lport=2869 | protocol=6 | dir=in | app=system | "{167148DC-5CD6-4FD5-8AC7-AE8283B3E39C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{1DFA57FE-705F-4FB1-A662-FDBCC627ED72}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2328121E-A6BE-43EC-90A9-96BC163D3714}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{3E962034-5499-4845-B7B4-2146107DF1C2}" = lport=139 | protocol=6 | dir=in | app=system | "{4CE956FE-4CAE-428C-A185-544DD4A3D646}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{53C8684E-C0D9-4C9D-A1E1-65CFFE702E38}" = lport=138 | protocol=17 | dir=in | app=system | "{5D3F3C4D-A5BA-4798-92F0-A37D5DCE1ACA}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{6132C322-16A5-44D0-B70E-6A7ED9161058}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6659E548-AB05-4488-9D36-FAD4713744FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{66C47EB6-6234-418D-8CD3-6880F143567D}" = lport=137 | protocol=17 | dir=in | app=system | "{6823893B-A47E-48E1-8A08-A4F83EE8C9E6}" = lport=445 | protocol=6 | dir=in | app=system | "{6920063D-8FC2-40D1-8DF0-47B8281C97D2}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{6CCA7A59-916C-4D07-B494-CEB9C69FC0A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7153730B-E2CF-4785-A1D2-7CB6D024EEA7}" = lport=2869 | protocol=6 | dir=in | app=system | "{7727910D-08F6-4F6D-83EF-FF91B8CF764D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{7EC1D098-42DC-4864-B8F2-C93DD9134C53}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7FBB2329-74CD-4D6F-981A-5365E9222C20}" = rport=137 | protocol=17 | dir=out | app=system | "{85C10983-DD98-4E61-9EF8-09E8A3918742}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{8D9B9B3D-8C4C-4FEF-A538-5784D7332D27}" = rport=139 | protocol=6 | dir=out | app=system | "{96C148A7-A7F6-4B37-8238-D5D5C54A5055}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A356BEE7-60BD-4886-91E3-B67EB41C2809}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A7472572-BD0E-41EF-AC7D-208DCF979562}" = rport=2869 | protocol=6 | dir=out | app=system | "{A9159487-F1C9-4A51-95E1-94D54F3B97FC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B1D91C8A-788D-407E-BA76-76DF4CFCDE1C}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{B5C7533D-B7C1-4986-9CDD-1BAE6DFF3786}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{B8697EC7-553B-4504-ABFD-F4BBCD50B2B2}" = rport=138 | protocol=17 | dir=out | app=system | "{BC80B72A-DC3F-4B78-8F8C-90BD60B1D026}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C504DBB0-7577-42BD-AAA8-7ED864A321DB}" = lport=10243 | protocol=6 | dir=in | app=system | "{C56E47B0-E6F1-4600-A8F0-27750B6B1C85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C7952A08-7044-4C84-896F-219A680E1A5A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{CC5D6B03-6D6E-4AB5-B079-BA6B6D561E39}" = rport=10243 | protocol=6 | dir=out | app=system | "{CCE5D4FB-6F42-4A6C-9D53-7D4C2C1A329B}" = rport=445 | protocol=6 | dir=out | app=system | "{CF9FF4B8-9F69-4218-9CF2-2D0616FD45BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D536C58D-FB6C-4464-AE71-0ED8918DC520}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E210929F-A3A4-4C0D-B21E-4CB159AE1FC5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{E2EBFF24-50F9-4118-9B36-01E68D599BBC}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{E302E177-B90E-4FDD-BC4E-C98556C69FB4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E39D2397-07DC-4291-B1BE-ABE404BD42A1}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{EB34E080-F54E-4AE8-B0D4-9BB5A143889B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{10155F58-DB9A-4484-8F8D-38AA717D5200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{17853561-47B6-4EC6-BE76-0A0D2741D1E8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{17C17A5F-E101-4A3F-9AA3-110A0B7227C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{266F3DDC-C99A-4BAE-856D-0232B1B3668E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2B9A1822-1678-4A52-9CCF-BAD2AF140615}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicator.exe | "{3B6E8082-8660-4EDD-B4F3-EE4CABFFFCE2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{3D93FB4A-D0E4-49F1-975E-9C5AE2715C1F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{3F908E0D-EA04-40E9-B33E-27E606B049C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{47996CD8-5FBA-4FEE-BA0F-A01BD1DB4E49}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5030D366-F2FB-4E8A-A453-CB690A70A72C}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{51C09428-5221-4647-8A17-3A70953CF4E0}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicatorcom.exe | "{53E509AC-E8D7-4F71-872B-4C209C9EFBDA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5457F96F-410C-4346-B7EA-C58EBE103855}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5B59A76A-31F8-46B9-BF1E-FB3B8DF33394}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5FC7F352-20D9-46D2-8F8F-DAA1F0889306}" = protocol=17 | dir=in | app=i:\setup\data\quake4ded.exe | "{683EE125-02E7-4E74-80DA-180DECBD815A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6F1977E4-C7E8-40BD-9660-D9E7A7013D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{77B5B8C0-9977-4C3C-BA59-FC06D4925513}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{84560E3F-2DAB-4CB5-B524-99641CC2364D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{879666D8-AC12-48F5-B6A0-149EEF5EAC6C}" = protocol=6 | dir=in | app=c:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe | "{885AB424-AD90-4209-A37C-5CEF2ADEA764}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8ACAF74C-515B-4915-9860-7B34604A48DF}" = protocol=6 | dir=out | app=system | "{8F6A328B-16FD-4AF0-B059-2CED3E4AF77E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{910CA7AD-EF32-4788-9615-11EC3EBE0285}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{94C40383-B5BB-4390-AF8B-766B401290AE}" = protocol=6 | dir=in | app=i:\setup\data\quake4ded.exe | "{AB308A2D-0723-40AC-87E9-EBB347F52561}" = protocol=17 | dir=in | app=c:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe | "{B4A875CD-612B-4DFF-ACC3-9F8AD88CE8A0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{B633109E-9BD0-4539-A00E-27C7C2AC1FE6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{BD03CE07-85EF-4B32-AD75-D87CB9BB4025}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C5FE04E5-9252-408D-9833-6B0273C67DD0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E18110F0-2ED4-4093-885D-B84B8142B0B5}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\devicesetup.exe | "{E2878270-0823-410F-969C-B1ECCE19C2A6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E5644850-6CBD-4AD1-8958-923A4E76E081}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E7F9F3B1-2347-4E67-959D-7828FDA56351}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EF074865-574D-477A-B9D1-E2AD6F84C7F4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EF087FF3-5ECE-4BB3-93EB-162E3397369B}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{EFF12DF8-F140-4956-87EE-32B581FF1DC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F572EB4F-5781-4BA9-8DFA-D4452EB7E51C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{FE33A518-85F4-4E79-BC41-C20FBD7ED9CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{00875240-3661-4C03-A1B4-F7813585AFC3}E:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\wotlauncher.exe | "TCP Query User{15AC9E72-305A-4B4B-95E2-299ED0DF1BE8}F:\comandos\commandos3.exe" = protocol=6 | dir=in | app=f:\comandos\commandos3.exe | "TCP Query User{A90E3150-DCEC-4C78-B4BD-6476F3333D9E}E:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\worldoftanks.exe | "TCP Query User{AA3B3A37-2FE9-41BB-8D09-F1C8F09FF78E}E:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\worldoftanks.exe | "TCP Query User{B48AB71C-73D8-4526-BEF7-2EA8746532DD}I:\setup\data\quake4ded.exe" = protocol=6 | dir=in | app=i:\setup\data\quake4ded.exe | "TCP Query User{BF8AB4EB-BE5E-4550-8643-0481C40ED415}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{C503DE25-A785-44CF-ACAE-CF330B83BD9E}C:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe | "TCP Query User{DE668CF1-1D25-4D27-BEF3-CDE6B5AC1B42}E:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\wotlauncher.exe | "TCP Query User{DE806A35-41F2-4897-8453-B9652D626A6E}C:\program files (x86)\formatowanie dysków\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\formatowanie dysków\gg.exe | "TCP Query User{E113FF49-ADE9-4AB4-8B4C-D873D8C90FAE}F:\commandos2\comm2.exe" = protocol=6 | dir=in | app=f:\commandos2\comm2.exe | "TCP Query User{F06626B0-5E72-4A83-8F6C-7E85268C6A32}C:\program files (x86)\formatowanie dysków\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\formatowanie dysków\gg.exe | "UDP Query User{1CD3BE33-5F19-49D0-BC18-3C26BA4B6A83}E:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\worldoftanks.exe | "UDP Query User{41550480-F26A-450B-B807-1D0AC518346A}E:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\wotlauncher.exe | "UDP Query User{4C912F64-4463-489A-866F-49D8EC34235F}I:\setup\data\quake4ded.exe" = protocol=17 | dir=in | app=i:\setup\data\quake4ded.exe | "UDP Query User{7B0F26F0-3C2B-4975-9B61-A271012FCD7D}E:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\wotlauncher.exe | "UDP Query User{889BB37A-67AC-49BA-89FC-F8C1C685C115}E:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\worldoftanks.exe | "UDP Query User{BFCB1A81-FA37-460C-8D12-202BBF5A6360}F:\comandos\commandos3.exe" = protocol=17 | dir=in | app=f:\comandos\commandos3.exe | "UDP Query User{D7E47C47-9B31-49B7-9EBA-D75CCD283685}C:\program files (x86)\formatowanie dysków\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\formatowanie dysków\gg.exe | "UDP Query User{D914BC87-AF90-4ABD-9A62-CFF3ADD0989C}C:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\niiesmiertelny\appdata\local\screamer radio\screamer.exe | "UDP Query User{E51EE821-2EF0-493B-9C41-AA606C205593}F:\commandos2\comm2.exe" = protocol=17 | dir=in | app=f:\commandos2\comm2.exe | "UDP Query User{ED9B2BE0-BAFE-449B-80B2-51628583FF84}C:\program files (x86)\formatowanie dysków\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\formatowanie dysków\gg.exe | "UDP Query User{F8E565B9-4F59-41F0-9B85-91B265694567}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit) "{2AF6DE35-EF82-42D5-86CA-9DE53EA29318}" = HP Deskjet 3520 series — podstawowe oprogramowanie urządzenia "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{EF04170D-0CE0-40E7-9F25-3A2BA2425C6E}" = HP Deskjet 3520 series — badanie mające na celu poprawę produktów "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) "CCleaner" = CCleaner "CPUID HWMonitor_is1" = CPUID HWMonitor 1.17 "NVIDIA Drivers" = NVIDIA Drivers "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "WinRAR archiver" = WinRAR 4.20 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21 "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 60 "{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1" = Windows Movie Maker 6.1 "{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.8 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A9040F9-A854-4358-80E8-BF508ECD477C}" = Commandos3 - Destination Berlin "{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1 "{545DC010-A357-4B30-9263-A444A65C95C8}" = YouTube Downloader "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{6c8e09b7-7cb1-4714-985e-c963dee28cf2}" = YouTube Downloader "{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) "{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}" = HP Deskjet 3520 series Setup Guide "{B15746C1-344B-40F8-A54E-85AD2AD8E81E}" = HP Deskjet 3520 series Pomoc "{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer "{FFD9C303-D80B-4E0E-B03E-22BE5AD68FDC}" = Commandos2, Men of Courage "AbiWord2" = AbiWord 2.8.6 "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "avast" = avast! Free Antivirus "BitTorrent" = BitTorrent "Bridge Building Game" = Bridge Building Game "Bridge Project_is1" = Bridge Project, версия 1.4 "Cheat Engine 6.3_is1" = Cheat Engine 6.3 "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "Euro Truck Simulator 2 v1.15.1.1s (20 DLC)1.15.1.1s" = Euro Truck Simulator 2 v1.15.1.1s (20 DLC) "HP Photo Creations" = HP Photo Creations "InstallShield_{4A9040F9-A854-4358-80E8-BF508ECD477C}" = Commandos3 - Destination Berlin "InstallShield_{FFD9C303-D80B-4E0E-B03E-22BE5AD68FDC}" = Commandos2, Men of Courage "Mobile Partner" = Mobile Partner "Mozilla Firefox 34.0.5 (x86 pl)" = Mozilla Firefox 34.0.5 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "ShopperPro" = Shopper-Pro "VLC media player" = VLC media player "Winamp" = Winamp [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2955672183-3658250396-1376213474-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "OpenFM" = OpenFM "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-04-07 04:26:47 | Computer Name = Niesmiertelny | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2014-04-07 04:26:47 | Computer Name = Niesmiertelny | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error - 2014-04-07 10:27:25 | Computer Name = Niesmiertelny | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-04-07 10:27:25 | Computer Name = Niesmiertelny | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-04-08 14:02:57 | Computer Name = Niesmiertelny | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2014-04-08 14:02:57 | Computer Name = Niesmiertelny | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2014-04-08 14:02:57 | Computer Name = Niesmiertelny | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error - 2014-04-09 16:00:45 | Computer Name = Niesmiertelny | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0, sygnatura czasowa: 0x52a6776c Nazwa modułu powodującego błąd: nvspcap.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52a67618 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x100be510 Identyfikator procesu powodującego błąd: 0x780 Godzina uruchomienia aplikacji powodującej błąd: 0x01cf526d60ccc860 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: nvspcap.dll Identyfikator raportu: a2c3a780-c021-11e3-8330-00261889cbc1 Error - 2014-04-09 16:00:58 | Computer Name = Niesmiertelny | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0, sygnatura czasowa: 0x52a6776c Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033a96 Identyfikator procesu powodującego błąd: 0x780 Godzina uruchomienia aplikacji powodującej błąd: 0x01cf526d60ccc860 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\ole32.dll Identyfikator raportu: aa71a860-c021-11e3-8330-00261889cbc1 Error - 2014-04-10 14:18:07 | Computer Name = Niesmiertelny | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „c:\Users\niiesmiertelny\downloads\softonicdownloader_dla_cheat-engine.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. [ Media Center Events ] Error - 2013-05-12 10:09:59 | Computer Name = Niesmiertelny | Source = MCUpdate | ID = 0 Description = 16:09:59 - Błąd podczas nawiązywania połączenia z Internetem. 16:09:59 - Nie można skontaktować się z serwerem.. Error - 2013-05-12 10:12:48 | Computer Name = Niesmiertelny | Source = MCUpdate | ID = 0 Description = 16:12:48 - Błąd podczas nawiązywania połączenia z Internetem. 16:12:48 - Nie można skontaktować się z serwerem.. Error - 2013-05-12 10:13:42 | Computer Name = Niesmiertelny | Source = MCUpdate | ID = 0 Description = 16:13:42 - Błąd podczas nawiązywania połączenia z Internetem. 16:13:42 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 2015-01-08 16:01:07 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Host usługi diagnostyki z powodu następującego błędu: %%1053 Error - 2015-01-08 16:01:07 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Host usługi diagnostyki. Error - 2015-01-08 16:01:07 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Host usługi diagnostyki z powodu następującego błędu: %%1053 Error - 2015-01-08 16:03:23 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi AddonsHelper z powodu następującego błędu: %%2 Error - 2015-01-08 16:03:37 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 Error - 2015-01-08 16:04:01 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error - 2015-01-08 16:04:17 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: iSafeKrnlMon Error - 2015-01-08 16:04:20 | Computer Name = Niesmiertelny | Source = DCOM | ID = 10005 Description = Error - 2015-01-08 16:04:20 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7001 Description = Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2015-01-08 16:04:21 | Computer Name = Niesmiertelny | Source = Service Control Manager | ID = 7001 Description = Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu: %%1058 < End of report >