OTL Extras logfile created on: 2013-09-13 11:24:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paweł\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16688) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,86 Gb Total Physical Memory | 6,25 Gb Available Physical Memory | 79,52% Memory free 9,04 Gb Paging File | 7,24 Gb Available in Paging File | 80,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,91 Gb Total Space | 115,78 Gb Free Space | 74,26% Space Free | Partition Type: NTFS Drive D: | 542,38 Gb Total Space | 361,40 Gb Free Space | 66,63% Space Free | Partition Type: NTFS Computer Name: PAWEL | User Name: Paweł | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02C3554E-B86F-4D48-9513-647158FD0529}" = lport=139 | protocol=6 | dir=in | app=system | "{09D87C89-FC9E-49B0-BBC5-492ACD6806A0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{20E4BA66-66C6-4F71-8019-11E137EC15EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{22F7837B-778A-437C-A42F-19DC994BF31E}" = rport=139 | protocol=6 | dir=out | app=system | "{22FD3A80-460F-4B3D-9C28-D31457025A77}" = lport=137 | protocol=17 | dir=in | app=system | "{2664A432-071E-4607-A0AA-A8D3CD758445}" = rport=138 | protocol=17 | dir=out | app=system | "{3E796193-FCC6-4D2E-B8A0-07D9B558BD38}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4C337E09-E4AE-442F-92B2-03B9F47005FE}" = rport=445 | protocol=6 | dir=out | app=system | "{5089E1A0-1C25-46A0-8F41-2ED7CF486BDA}" = lport=138 | protocol=17 | dir=in | app=system | "{5285EA99-7542-447B-8D6C-663F80189DD4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{54304DF9-3437-4707-BDC0-79DEF83BEE1A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe | "{609C1926-5002-41E3-878E-C5C5350C4755}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{694DA62E-E67B-4A6D-8E22-519837B2A0E5}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7B8D572F-9402-45B4-BFB8-8D55B2F1DCCF}" = lport=56144 | protocol=6 | dir=in | name=pando media booster | "{86DB875E-E9E7-4475-8FB5-8FBA091D3C5E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{8C694836-B8FA-49B4-9390-B94D19CBDA03}" = lport=56144 | protocol=17 | dir=in | name=pando media booster | "{8D6CDFDB-4592-4B23-863F-7EFEA76691F1}" = lport=56144 | protocol=6 | dir=in | name=pando media booster | "{904A713E-618E-4EF3-B1F7-E8F8C24FDDD6}" = lport=445 | protocol=6 | dir=in | app=system | "{9BED0C41-F8BC-4B16-978D-C1DF6EB450B3}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9CB328DB-809A-4FB7-9B8E-758ACBE4603C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BB7C5DA1-32B3-4BF6-A3A2-3337A22F3C18}" = lport=56144 | protocol=17 | dir=in | name=pando media booster | "{BF0D5292-AA69-4EC4-96B3-2EFDEE0C79DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C92607A9-A32A-49DE-BE58-C1BC9118BF26}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CB194BC9-DDB5-4C98-A4B3-298A54DB0C10}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CC6B9884-20D6-49C4-9FA4-8EB45CB16C7B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{CFE83DAC-67ED-4C34-8DFE-FA73CE2E76C5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D313FDBE-997E-4CE5-9533-8237D3871173}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D6386F0C-289D-4275-A05B-E978DE37D3FE}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{DC86038F-781F-4B11-B90E-F6A4A4EF4619}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{EA0ABC3F-1BEE-4C94-B91E-3C70542ED8B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F4062A08-5877-4B4A-8FBD-8ED37A82384F}" = rport=137 | protocol=17 | dir=out | app=system | "{FBFAE341-C907-414B-AAB8-957EDE927F40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D0CC13-E542-4E87-B232-57AD1FE84E3F}" = protocol=6 | dir=in | app=d:\gry\assassins creed 2\assassinscreediigame.exe | "{0392E500-0FAA-4D10-8A06-5052D1CCB2B2}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{060BD54A-9A11-4F4E-BD5D-0D40C2E91F80}" = protocol=17 | dir=in | app=d:\gry\assassins creed 2\assassinscreedii.exe | "{085B80CC-42AC-4FC1-B7C3-8AB57148E171}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0B281F00-AAED-42AD-A075-8E8456727519}" = dir=out | name=@{microsoft.bingfinance_2.0.0.300_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{0BF8AE29-AC6B-4A39-8489-B76200C334F1}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{0D05DF5B-EAC3-414D-8008-F1B90FAA5833}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{10017153-D63F-4E03-8E7C-8FD877AD21C6}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{17A8CF72-CD7C-4823-9182-6AB03D5504F4}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{1826A34D-11EB-458E-9B41-4103CCA4EE12}" = protocol=17 | dir=in | app=d:\gry\assassins creed 2\assassinscreediigame.exe | "{1936AD47-468A-4977-8307-A874EBD836E7}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{1BB90134-59B4-4F11-AFD4-C5DF6DEACD27}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{280B5240-DA10-4A13-9206-F395915454DA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{390EB09B-AFED-427C-A1CF-FBFF545BF76C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{44E4CDF6-19E4-43BD-8A70-FE1AB1EA1831}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{4C0D0719-F5F3-405F-82CC-73076355A8B8}" = protocol=17 | dir=in | app=d:\gry\assassins creed 2\uplaybrowser.exe | "{54AB5625-EAA1-4951-B89A-E67BE64A99CB}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{581D1695-549E-40E5-BC76-BBA52754D05E}" = protocol=6 | dir=in | app=c:\users\paweł\appdata\roaming\utorrent\utorrent.exe | "{5AFC4569-1810-4C53-88FD-7AE6D7728B69}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{6D02AA97-AD8C-43FF-9D54-5DB733597BD0}" = protocol=17 | dir=in | app=c:\users\paweł\appdata\roaming\utorrent\utorrent.exe | "{7B9F79BD-27BF-42F1-ADC6-1BD434D17676}" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | "{7D1CDA0F-5F51-44E8-B058-DBFBC58224C5}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{890A8E48-6482-46F3-B0CD-A78FA50E921D}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{91D9D535-7192-48A9-ABAA-1201708E4F69}" = dir=out | name=@{microsoft.zunevideo_1.5.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{96976EF6-46C5-4B39-8FB3-78E9892C62B5}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{99FC5BCE-84E1-4F64-A195-6B5E16B8B921}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{9B59EFE4-1806-49C2-A9C1-F4C9BDE9ACD0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{9D302565-0819-46CF-B360-1193E94B314B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{A4503205-219B-4854-BC62-49E712B660CC}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe | "{AD789863-9A81-438A-81A4-F3D9A3DB8F2E}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{AE755468-6243-4D89-B9A0-A483DCBDB91B}" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | "{BD34D75C-C581-4F96-B515-31C2C9688386}" = protocol=6 | dir=in | app=d:\gry\assassins creed 2\uplaybrowser.exe | "{C291F290-2333-4B51-8EFE-37A780EBB7AE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{C4B7027B-9E38-4C27-8F09-510384855AB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C878E99F-DC27-47E9-98FC-959DEC83D6E6}" = protocol=17 | dir=in | app=d:\programy\rgsc\rockstar games social club\rgsclauncher.exe | "{CB73A1FC-7D0B-43AC-ACC1-9DBB72FED015}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{CC261BBE-B306-4772-87A7-C2C59F3FBECA}" = protocol=6 | dir=in | app=d:\programy\rgsc\rockstar games social club\rgsclauncher.exe | "{D3F0E403-FD5F-47FE-B6A5-424FDC90B1BB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D5700637-0296-4929-B5E4-A0C9F71425F6}" = protocol=6 | dir=in | app=d:\gry\assassins creed 2\assassinscreedii.exe | "{D8D32C7A-E832-4A31-910D-B3A9E9BEF2A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DB251390-8A0F-43D9-B113-05A0684C3421}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DE873920-353A-4800-AEED-A5EC566E88F7}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EE2C3178-6124-4429-8EBF-874884DB89AE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{FA90CF0C-D56B-4853-9AE2-D2AAD595695C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "TCP Query User{2A06B037-8FF2-4F69-BDB4-29D9F47340EB}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "TCP Query User{DF3D4FF3-73EE-4F79-95D3-B8376362B95E}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{5049E5D1-A03F-48D5-865B-0F8D5A9FDE42}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | "UDP Query User{E00FF073-780E-49BF-94ED-E0C487F18EA8}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64) "{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU "{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) "{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program "{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer "{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64) "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files "{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{79B9DBC2-2B97-4C99-AEE3-D9CEF521B60D}" = ESET NOD32 Antivirus "{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver "{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) "{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 7.2.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 7.2.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1 "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files "{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client "{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = WIDCOMM Bluetooth Software "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64) "{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared "{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "CCleaner" = CCleaner "CPUID HWMonitor_is1" = CPUID HWMonitor 1.23 "HWiNFO64_is1" = HWiNFO64 Version 4.20 "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit) "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit) "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework "{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1 "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types "{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools "{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime "{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU "{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "DAEMON Tools Lite" = DAEMON Tools Lite "Google Chrome" = Google Chrome "HUAWEI DataCard Driver" = HUAWEI DataCard Driver 3.17.06.00 "League of Legends 3.0.1" = League of Legends "Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300 "Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Sleeping Dogs_is1" = Sleeping Dogs [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-644171674-1530426012-2586623449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-09-12 04:38:04 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-12 04:38:04 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-12 11:27:15 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-12 11:27:35 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-12 11:27:35 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-12 11:27:35 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-13 05:01:04 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-13 05:01:25 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-13 05:01:25 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = Error - 2013-09-13 05:01:25 | Computer Name = Pawel | Source = NvStreamSvc | ID = 131073 Description = [ System Events ] Error - 2013-09-03 09:33:14 | Computer Name = Pawel | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 15:14:41 na ?2013-?09-?03 było nieoczekiwane. Error - 2013-09-03 09:34:37 | Computer Name = Pawel | Source = DCOM | ID = 10016 Description = Error - 2013-09-03 09:34:37 | Computer Name = Pawel | Source = DCOM | ID = 10016 Description = Error - 2013-09-03 09:34:37 | Computer Name = Pawel | Source = DCOM | ID = 10016 Description = Error - 2013-09-03 09:34:38 | Computer Name = Pawel | Source = DCOM | ID = 10016 Description = Error - 2013-09-04 11:33:32 | Computer Name = Pawel | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 17:02:19 na ?2013-?09-?04 było nieoczekiwane. Error - 2013-09-04 14:55:29 | Computer Name = Pawel | Source = LsaSrv | ID = 6033 Description = Anonimowa sesja podłączona z PAWEL próbowała otworzyć dojście do zasad urzędu zabezpieczeń lokalnych na tym komputerze. Próba została odrzucona i został zwrócony stan STATUS_ACCESS_DENIED, który uniemożliwia przecieki informacji dotyczących zabezpieczeń do anonimowego użytkownika wywołującego. Należy naprawić aplikację, która podjęła tę próbę. Skontaktuj się z dostawcą aplikacji. Aby tymczasowo obejść ten problem, można wyłączyć to zabezpieczenie, ustawiając wartość \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD na 1. Ten komunikat będzie rejestrowany najwyżej raz dziennie. Error - 2013-09-08 12:05:59 | Computer Name = Pawel | Source = LsaSrv | ID = 6033 Description = Anonimowa sesja podłączona z PAWEL próbowała otworzyć dojście do zasad urzędu zabezpieczeń lokalnych na tym komputerze. Próba została odrzucona i został zwrócony stan STATUS_ACCESS_DENIED, który uniemożliwia przecieki informacji dotyczących zabezpieczeń do anonimowego użytkownika wywołującego. Należy naprawić aplikację, która podjęła tę próbę. Skontaktuj się z dostawcą aplikacji. Aby tymczasowo obejść ten problem, można wyłączyć to zabezpieczenie, ustawiając wartość \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD na 1. Ten komunikat będzie rejestrowany najwyżej raz dziennie. Error - 2013-09-12 11:26:58 | Computer Name = Pawel | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 17:12:30 na ?2013-?09-?12 było nieoczekiwane. Error - 2013-09-13 05:00:36 | Computer Name = Pawel | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 10:22:42 na ?2013-?09-?13 było nieoczekiwane. < End of report >