OTL Extras logfile created on: 2014-11-13 15:32:45 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\Pobierane 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17420) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,98 Gb Total Physical Memory | 3,62 Gb Available Physical Memory | 60,50% Memory free 11,96 Gb Paging File | 9,46 Gb Available in Paging File | 79,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,69 Gb Total Space | 25,27 Gb Free Space | 22,63% Space Free | Partition Type: NTFS Drive D: | 244,14 Gb Total Space | 11,24 Gb Free Space | 4,61% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 7,96 Gb Free Space | 8,15% Space Free | Partition Type: NTFS Drive F: | 589,71 Gb Total Space | 67,33 Gb Free Space | 11,42% Space Free | Partition Type: NTFS Computer Name: MICHAŁ-KOMPUTER | User Name: Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2530276816-3700334083-244097047-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01B92985-FD9D-46E4-B356-581A3C794337}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{05D6DE0D-9163-4BFF-B33B-2AB5030F4A69}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1A5F10FF-3D27-41E2-8D32-03DA3645118C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{20E9CDD7-D981-4042-954A-2626635E8500}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{36F17870-3B58-4AC3-BF77-7BDD78DB558E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3A8D0405-AEBD-4E84-9883-477061121CBB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{42A81200-7976-4460-A6A6-664C0C32EF8C}" = lport=139 | protocol=6 | dir=in | app=system | "{43830E76-3608-405F-A41F-91F67AA595FB}" = lport=137 | protocol=17 | dir=in | app=system | "{442C0EF5-3F6C-4640-86DC-8AC73C1A437F}" = rport=139 | protocol=6 | dir=out | app=system | "{4E5ADBB6-595E-4728-81C2-966FE0A5030A}" = rport=138 | protocol=17 | dir=out | app=system | "{5BDB505B-7EEC-4838-B9E0-B02E96D1F836}" = lport=445 | protocol=6 | dir=in | app=system | "{64257908-54C8-49B9-A7C1-40BD2FAE74C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{65AD44A9-1F6E-4F7B-BFFA-FFC7A62B3841}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{71A69E14-C238-4CB9-89C7-771F855E54CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{813F9357-26C7-4B2B-91B4-A6FF4A6719E3}" = rport=445 | protocol=6 | dir=out | app=system | "{85D5FC22-CDC6-4233-BC3E-D33C551BEF2A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B1B01980-859A-449C-883D-ADA1F348CDCD}" = lport=2869 | protocol=6 | dir=in | app=system | "{C0CF19C2-7A83-4484-91DD-6C1FE25C598D}" = rport=137 | protocol=17 | dir=out | app=system | "{C34AA9FE-BB15-4D71-BE92-9ABEB687543E}" = rport=10243 | protocol=6 | dir=out | app=system | "{E06D1097-D85F-4210-9C44-6B0AE1709CF5}" = lport=10243 | protocol=6 | dir=in | app=system | "{E2C2816F-DA2A-410A-BC2E-D85A3923B963}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E36AAB17-B8FD-4435-B476-ECF030073D42}" = lport=138 | protocol=17 | dir=in | app=system | "{EA74701B-F391-424B-9EF4-E5147D69D767}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{032A0CC2-8673-4A77-9C6B-CE8185A88054}" = protocol=17 | dir=in | app=f:\gry\aoe3\age3.exe | "{06B44777-0449-4A32-8479-7AC36C766230}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{071F7F0F-FB65-45D4-91D5-3728C3E069B6}" = protocol=17 | dir=in | app=f:\steam\bin\steamwebhelper.exe | "{0BC67387-FDE6-4509-9EB0-13495A2999B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0CDB9C2C-2563-459D-ABF2-D9C2F94CFBD6}" = protocol=6 | dir=in | app=c:\users\michał\appdata\local\temp\audiodgt.exe | "{18386E55-C9E4-44D8-BED3-43E44A4D97A9}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\half-life\hl.exe | "{2030CC23-7022-49CA-9985-96DE9EE5D678}" = protocol=6 | dir=in | app=c:\users\michał\appdata\local\temp\kmsnano\qemu-system-i386.exe | "{23557C39-C697-4D80-9017-83834DBEAF15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{27C926A6-4927-4ECB-9EB8-7491621D5B4A}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{28101AAC-D2A7-4D1B-80E6-69516219693F}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{2F7F3470-0ADC-4D1A-98E4-8C95408B07CB}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{333CB036-DB67-44CC-9D6E-5EBB3343314A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3A306512-A830-4996-BB84-D605B75BEFAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3D9FA49C-B9F3-4A20-B19B-5EAB863AA231}" = protocol=6 | dir=in | app=f:\steam\bin\steamwebhelper.exe | "{404C77FA-4A3E-4768-ADF0-8F632B63C828}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5206B78E-57AF-4D05-ADCB-9C0A63E62F0D}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{554B75B2-A33B-4FEC-96AB-F6D9BF409B2D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{59C8438A-2FF3-4627-A943-BF217C29C23D}" = protocol=17 | dir=in | app=c:\users\michał\appdata\roaming\utorrent\utorrent.exe | "{5DF1D160-0C2D-4E5B-B261-45FF34161A30}" = protocol=17 | dir=in | app=f:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | "{6831B1B8-8007-45EA-B9E0-84FB463C6517}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{758CB731-9D99-40F0-94CD-5599C4CB9D27}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{7F97F944-0D19-4E07-A0DD-9EC3A67B2EAE}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe | "{81A2ECD9-2F4F-4152-AEA2-1C2BE9F25532}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{84D7105A-5497-49AD-BF04-D7FC85786A5D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{89009D60-D6CB-4BDD-BCC4-38813A7DE723}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{91E0BE22-9527-45AB-A5B4-D75344AA4C20}" = protocol=6 | dir=in | app=f:\gry\aoe3\age3.exe | "{925445A3-647E-421E-B603-592D9B17AE44}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{93870D99-1C29-42EF-AF28-0C3D5D04BBD5}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{98E3000F-5FAC-4096-923E-0132D2143042}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{99D99A7E-8B3D-4FC6-9A85-99F80D68ADD9}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe | "{9DCBA25A-7ACF-4160-9243-3A48187DEB16}" = protocol=6 | dir=in | app=f:\gry\gameforgelive\gfl_client.exe | "{9FEA2446-BD64-41D5-A2F8-4F5AA25017E9}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe | "{A14C57BC-641D-492A-A9D9-F49F0DC9C099}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe | "{A430DB45-3E1C-4B52-94FE-61246FA6B568}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{A485EB4C-5C33-4811-A378-A9E123205FD1}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{A4BFD1C8-E2D0-4C73-ACDD-071DE4306B51}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A881276F-79D0-436B-A5BA-FD85949471EE}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{AA20129A-809F-4AE3-B1C2-48ED222C003F}" = protocol=6 | dir=in | app=f:\steam\steam.exe | "{AA368A6C-27EA-4C96-816C-8208D0B0FA9F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AD30341F-DB10-4C7A-B161-F1886875E1F5}" = protocol=17 | dir=in | app=c:\users\michał\desktop\nowy folder (2)\samp-server.exe | "{B9EDE4FE-EF48-4D82-A67C-BADCCA9F33E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BC4B0DB8-4890-40C2-A739-50756D9826D6}" = protocol=6 | dir=in | app=c:\users\michał\desktop\nowy folder (2)\samp-server.exe | "{C4122980-8F1E-49C0-A5F1-C6226CFAADE6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C877EA68-5673-43C0-91BC-3876CCC22F52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C97EE7FB-A88A-49E1-A99F-0F8585021832}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C9D855C2-9E55-41E7-B5F0-BCB5761E9C21}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{CCB2EA2D-99E8-4DA0-B7E2-2D2C406E3E8E}" = protocol=17 | dir=in | app=f:\steam\steam.exe | "{D40CF835-9B7F-4D5B-BDBF-A90954B93F09}" = protocol=6 | dir=out | app=system | "{D431E099-E34C-4187-BD5C-B1E6F6C90C9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D4DCE6D0-F42A-440D-9D3C-E749779090A9}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{D64077C6-1D87-43AE-9050-9B3EBA30F315}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D79E4F71-94F8-46F1-A7D5-70F9782D7916}" = protocol=17 | dir=in | app=c:\users\michał\appdata\local\temp\audiodgt.exe | "{DA1CE79C-6C0D-419D-92CF-8FD22A66C26A}" = protocol=6 | dir=in | app=c:\users\michał\appdata\roaming\utorrent\utorrent.exe | "{DDA68FDF-41B0-4E73-914C-2905E97D712D}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{E1819B40-B4CE-4C41-B276-450CF5B198EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E5BB6B98-7A88-4117-98DB-66DD538321B2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E5CFC642-A208-442C-8D7C-D59C5B6185F6}" = protocol=17 | dir=in | app=c:\users\michał\appdata\local\temp\kmsnano\qemu-system-i386.exe | "{E5FD705A-D307-4EDF-BF09-630936C15126}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{E842C44F-FFF1-41C8-84E9-8AE02D332638}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{EC62C38A-A9F7-45FC-8A5C-0FEFECCDC6AF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{EC7CEE9D-247A-40BF-80D2-AC780F3CBCCE}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\half-life\hl.exe | "{F1CC7E67-A8D8-412B-B21E-6B09CF430780}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FADA6EAD-C018-411C-86FD-7FC3809075BB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FAE3B04D-3042-428C-B1B3-D915024A8B79}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{FD979837-2A4A-4873-BD1D-69B1D401478E}" = protocol=6 | dir=in | app=f:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | "{FF280493-E3BE-44C5-9B22-12550D1FC445}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{711F7181-05E8-4110-8E94-96698950615E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{86FBE5B4-B00B-46E8-BD64-F6AD6C177CAC}E:\!kopia windows 8 07.06.2014\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=e:\!kopia windows 8 07.06.2014\totalcmd\totalcmd64.exe | "TCP Query User{87555C20-6859-45A7-B084-58A7D66B2A77}C:\users\michał\desktop\nowy folder (2)\samp-server.exe" = protocol=6 | dir=in | app=c:\users\michał\desktop\nowy folder (2)\samp-server.exe | "TCP Query User{A6C20955-639F-4066-BED4-C0ABEF24E1AA}F:\gry\battlefield 4\bf4_x86.exe" = protocol=6 | dir=in | app=f:\gry\battlefield 4\bf4_x86.exe | "TCP Query User{D354F200-5F48-47CE-8F89-2C3B2D2D7519}F:\gry\aoe3\age3.exe" = protocol=6 | dir=in | app=f:\gry\aoe3\age3.exe | "TCP Query User{D59D9394-E05F-40C0-B636-DAE5E7C0D854}F:\gry\battlefield 4\bf4.exe" = protocol=6 | dir=in | app=f:\gry\battlefield 4\bf4.exe | "TCP Query User{E1BF650C-0196-4177-AFDF-D42F3B7B220B}C:\program files (x86)\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nowe gadu-gadu\gg.exe | "UDP Query User{13A7832E-14AD-4183-8429-CD0AF8ED5C52}F:\gry\battlefield 4\bf4_x86.exe" = protocol=17 | dir=in | app=f:\gry\battlefield 4\bf4_x86.exe | "UDP Query User{464F52DC-8644-4F8B-8B64-C953667C640E}E:\!kopia windows 8 07.06.2014\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=e:\!kopia windows 8 07.06.2014\totalcmd\totalcmd64.exe | "UDP Query User{46648832-5C21-413F-9D13-399F30B0C64E}F:\gry\aoe3\age3.exe" = protocol=17 | dir=in | app=f:\gry\aoe3\age3.exe | "UDP Query User{813F7E87-096F-4C47-B07D-8B96A5FEE6F6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{9167CBC3-3187-4CE1-BCA6-25B51CA5D614}C:\program files (x86)\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nowe gadu-gadu\gg.exe | "UDP Query User{A7EECE88-99EE-40A2-8150-48D8E2DB63CB}C:\users\michał\desktop\nowy folder (2)\samp-server.exe" = protocol=17 | dir=in | app=c:\users\michał\desktop\nowy folder (2)\samp-server.exe | "UDP Query User{CC9AD8D2-4E51-438A-A07B-0E3D2CE2EED2}F:\gry\battlefield 4\bf4.exe" = protocol=17 | dir=in | app=f:\gry\battlefield 4\bf4.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0 "{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation "{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2C637DB1-3E0A-4089-8366-C6C0B01E5C2B}" = AMD Steady Video Plug-In "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{65A9248D-196D-41AD-1C66-5C9A23454DAA}" = AMD Fuel "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8C1F5F9B-649F-C65F-D65F-9EC0459C2304}" = ccc-utility64 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0 "{C2956908-53A3-88FC-B795-B16508296FC4}" = AMD Catalyst Install Manager "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{F7CD07B2-565B-D770-0388-9C16A8FA5B1D}" = AMD Accelerated Video Transcoding "9CA77E2A8332A0824C54DA611BBE4CA24AB1F750" = Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) "CCleaner" = CCleaner "CPUID HWMonitor_is1" = CPUID HWMonitor 1.25 "WinRAR archiver" = WinRAR 5.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{06EA836D-C7AD-42A0-9C17-47BCDE7E015B}_is1" = CPU Thermometer "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{151AE945-AA23-3834-D5C7-C60832B71B15}" = CCC Help Czech "{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21 "{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 60 "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 "{32CB6BDF-F465-4BE8-9B57-1422057B61B9}" = LogMeIn Hamachi "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{44A6C11C-D744-6B2C-D5A1-E32CB1DB0088}" = AMD Catalyst Control Center "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DC7C1AB-4389-B736-082D-1BFA6BC10293}" = CCC Help Greek "{51307F85-BD05-1938-8440-E88FD13585CA}" = CCC Help Chinese Traditional "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5565E164-9928-CEDD-5011-9EE073D797B9}" = CCC Help Japanese "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5947D004-A315-F50D-D24F-4C9D5B8413A5}" = CCC Help Spanish "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5AAF27C9-51C1-DEF1-230F-9F348E2DF885}" = CCC Help Russian "{5BBF2F0E-8891-0E74-83D3-0DBDB750EDC6}" = CCC Help Norwegian "{5C89D6B4-C8C4-08B9-4381-4E6C9BA3C094}" = CCC Help Italian "{64A47A55-1E5E-82F1-26A6-8157D34739A4}" = CCC Help Chinese Standard "{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}" = IP Camera Adapter "{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{755C6015-01B7-475D-448A-CE4D35E68F38}" = CCC Help Dutch "{77C135AC-6695-F444-75ED-14413408E51D}" = Catalyst Control Center InstallProxy "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CF0325-7921-55A6-16B2-254E77C40FE4}" = CCC Help French "{877AB8B2-9D11-D640-7B11-730699E0C9A2}" = CCC Help Swedish "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium "{9A974568-D4D5-EED2-1976-132C28211A82}" = CCC Help Korean "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.5 "{A0ED9B46-5B37-616A-FDCC-3F713BC2972D}" = CCC Help German "{A11D86BF-B950-759B-3DBF-1575B76BF974}" = CCC Help Polish "{AA14530E-3EF6-92AB-B39F-DB96F852BBBC}" = CCC Help Portuguese "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris "{ABAD2544-D794-E1B1-2763-55A9BB811D5A}" = CCC Help Thai "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Polish "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{B3BE2947-BB03-6079-60DD-41B388BBC74A}" = Catalyst Control Center Graphics Previews Common "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B89357B0-C12E-F21E-7E8D-CA13BFED19C7}" = CCC Help Hungarian "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{BFA04EE0-8240-4667-8D53-45496A901C33}" = Camtasia Studio 8 "{C5BE5386-0A43-32DD-9F2B-934B8CCCAC41}" = Catalyst Control Center Localization All "{C70E8FBB-10F3-1DFF-E35F-6D62264D7A80}" = CCC Help Finnish "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}" = Adobe Photoshop CC 2014 "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag "{EC43C902-EF4F-0BF6-FA5F-897D2E450858}" = CCC Help Turkish "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1A6C690-C12C-4E7A-B4BD-958678215418}" = 3DMark "{F2AB797F-31A3-A376-736B-9E0533BAB530}" = CCC Help English "{F3220B5E-9395-F557-8DB9-1E0F29D32026}" = CCC Help Danish "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "5513-1208-7298-9440" = JDownloader 0.9 "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "Avast" = avast! Free Antivirus "Easy Audio CD Burner 3.8" = Easy Audio CD Burner 3.8 "EZ CD Audio Converter" = EZ CD Audio Converter "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 2.0.32.1015 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.48.1015 "GpsTrackEditor" = GPS Track Editor "Grand Theft Auto III 1.1" = Grand Theft Auto III 1.1 "HD Tune_is1" = HD Tune 2.55 "IPCameraDSFilter" = IP Camera DS Filter "KLiteCodecPack_is1" = K-Lite Codec Pack 10.8.0 Full "LogMeIn Hamachi" = LogMeIn Hamachi "Metin2_is1" = Metin2 "Mozilla Firefox 33.1 (x86 pl)" = Mozilla Firefox 33.1 (x86 pl) "Mozilla Thunderbird 24.6.0 (x86 pl)" = Mozilla Thunderbird 24.6.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MTA:SA 1.4" = MTA:SA v1.4.0 "NapiProjekt_is1" = NapiProjekt (2.2.0.2399) "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PowerISO" = PowerISO "Raptr" = Raptr "Red Eye Remover Pro_is1" = Red Eye Remover Pro 1.1 "Shut Down-O-Matic" = Shut Down-O-Matic "SpeedFan" = SpeedFan (remove only) "SqliteBrowser3" = SqliteBrowser3 "Steam App 43110" = Metro 2033 "TeamViewer 9" = TeamViewer 9 "VMware_Workstation" = VMware Workstation "Winamp" = Winamp (remove only) "winscp3_is1" = WinSCP 5.1.4 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2530276816-3700334083-244097047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-11-09 10:47:44 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-11 07:22:58 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-11 16:09:10 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-12 09:05:54 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-12 14:31:29 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-12 16:53:20 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 06:41:58 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 10:07:06 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 10:26:10 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 10:29:11 | Computer Name = Michał-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-11-03 14:51:51 | Computer Name = Michał-Komputer | Source = bowser | ID = 8003 Description = Error - 2014-11-03 15:03:57 | Computer Name = Michał-Komputer | Source = bowser | ID = 8003 Description = Error - 2014-11-04 10:30:19 | Computer Name = Michał-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa LogMeIn Hamachi Tunneling Engine jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-11-04 10:32:47 | Computer Name = Michał-Komputer | Source = bowser | ID = 8003 Description = Error - 2014-11-04 11:07:06 | Computer Name = Michał-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:05:25 na ?2014-?11-?04 było nieoczekiwane. Error - 2014-11-04 12:49:52 | Computer Name = Michał-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR2. Error - 2014-11-04 12:56:41 | Computer Name = Michał-Komputer | Source = bowser | ID = 8003 Description = Error - 2014-11-04 14:08:41 | Computer Name = Michał-Komputer | Source = bowser | ID = 8003 Description = Error - 2014-11-04 14:45:15 | Computer Name = Michał-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR2. Error - 2014-11-06 17:31:48 | Computer Name = Michał-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR3. < End of report >