OTL Extras logfile created on: 2016-01-04 11:04:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Piotrek\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,95 Gb Total Physical Memory | 13,67 Gb Available Physical Memory | 85,72% Memory free 31,89 Gb Paging File | 29,41 Gb Available in Paging File | 92,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 130,63 Gb Total Space | 25,41 Gb Free Space | 19,45% Space Free | Partition Type: NTFS Drive D: | 800,78 Gb Total Space | 737,28 Gb Free Space | 92,07% Space Free | Partition Type: NTFS Computer Name: PIOTREK-KOMP | User Name: Piotrek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) [HKEY_USERS\S-1-5-21-1688851452-3417616463-1083969991-1000\SOFTWARE\Classes\] .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1A29B4DA-C0FD-4A76-9253-6F2389646757}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{1E3B5FD2-A923-45D5-AD62-8913E2408C82}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1F77434E-548F-43AA-B139-CC1B60B49AF1}" = lport=137 | protocol=17 | dir=in | app=system | "{2C90CA7D-E282-407B-BDB0-F6F542967718}" = lport=445 | protocol=6 | dir=in | app=system | "{32E1D573-4213-4DBD-BE88-B1ACF7E2C009}" = rport=445 | protocol=6 | dir=out | app=system | "{3D7BCFE9-5995-478C-83D2-A8A3559D1F69}" = lport=10243 | protocol=6 | dir=in | app=system | "{41FD599F-7E73-4F70-B756-670A5EC313AB}" = rport=137 | protocol=17 | dir=out | app=system | "{5F3E5C13-6AFA-470D-A3D7-073FA6B84C29}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6570D720-4C32-4039-BFCF-D71B5F0F9071}" = lport=139 | protocol=6 | dir=in | app=system | "{6E4280DE-BE7C-4544-950A-B11D6E7AA0C1}" = rport=138 | protocol=17 | dir=out | app=system | "{7ACEE23A-C0F4-4532-AE33-E3C263149ADB}" = rport=10243 | protocol=6 | dir=out | app=system | "{8B22210F-B578-47B4-AD41-50E850908653}" = rport=139 | protocol=6 | dir=out | app=system | "{96545E1C-D84E-4BC6-B138-A063FA7C4113}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9678C8C0-C9F5-443D-9EDD-79983AD40C75}" = lport=138 | protocol=17 | dir=in | app=system | "{9C8D9153-8404-464C-AADE-C62436D4E28C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A49A5DDE-E05C-4E29-9397-61FA697D4B29}" = lport=53447 | protocol=6 | dir=in | name=joellocushems | "{A71AFAB5-75D1-4678-BEAB-A89B85B0982A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AA3498F5-DBA0-420B-9FD5-7D800F7887D8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B4ACA0AF-999C-4613-8628-A342FFE5A22C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C372B990-8855-4E0A-8B87-718436B14AB4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C819CBAE-F9AC-4BCB-9D77-8268CC2C7074}" = lport=53447 | protocol=6 | dir=in | name=gnawspunttugs | "{C9C35D4D-2737-4688-965D-7F2935E41A7C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CB367C0F-5281-483A-B129-56A3100672E9}" = lport=2869 | protocol=6 | dir=in | app=system | "{D104186A-54D4-485D-B2F3-060957E0BED6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E47F8C5D-8318-4733-A3A7-B01A2B7791BC}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{E80F360F-3182-4283-8CBC-003329381C86}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{15B289B6-AD6A-42D1-B479-E4977A6A20DF}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{20A0DE02-E200-4213-8B84-F40F25322927}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2611C88C-E6DB-4077-9A50-D4202351BFD4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe | "{2664EF01-41F1-40E3-BB43-86224AB4175A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{2C558C79-3859-4E5F-A8B5-91A9C3211DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{2F0DEA41-C86C-44F5-B5D7-9D9CE4DD69B3}" = protocol=6 | dir=in | app=c:\users\piotrek\appdata\roaming\spotify\spotify.exe | "{30C2480A-F876-4393-8460-02C28703E28F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{31C2623A-9BD7-4F7F-892C-763ACAD7751A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{32F05FC0-F4E5-45E0-B3A8-0D5B7807E66E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{34FD2066-5055-4948-B41D-8AFBE308F34A}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{3B1D3BD6-874B-42FF-B8E4-AF3E9F80D743}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3E586323-B395-43F1-99E0-51DDB92E6CD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{46E18CBF-3B36-4524-86F1-7FA5A2E13973}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{48D22F27-0E24-4CE0-9EBE-75E2F7691826}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{48FC75BE-E017-414D-BC84-0A306D6E6043}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4A2F4A16-AB69-41C8-8E40-B472ADF8D520}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4AB1F7BC-30A3-4380-B076-D43E5F89AA82}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4C1A7A9D-F8BC-4967-BCC6-9C84D1F2BBEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4DE6413A-D380-4E40-AF4A-DECE693A2AB5}" = protocol=17 | dir=in | app=c:\users\piotrek\appdata\roaming\spotify\spotify.exe | "{4E01D078-A1BC-4263-806C-1A01D20A63A9}" = protocol=6 | dir=out | app=system | "{520B2FB3-D503-47C6-9EA4-D7C13A34D202}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5888F6F9-D256-42D1-B553-3084F904A311}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{59E8EF45-DEF9-4016-8D3D-3A71A09CD00D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | "{81587D38-6D85-4B9C-B770-87CC530A1D17}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{823AC206-5B21-4063-8C13-0A5F38E49752}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{8240B9FC-5096-4CF6-83C5-35F89ACCA120}" = protocol=17 | dir=in | app=d:\gry\bf3\bejeweled 3\bejeweled3.exe | "{869B0A0D-BAEF-4DAC-ABE9-6330E633742F}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{9A19C1AB-4D84-46EA-AAB7-D3D09922D66B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dying light\devtools\dyinglightplayer.exe | "{A064FC0B-2A22-4670-9C60-78253893C883}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{A566D245-8C57-4315-8314-5BDECD6E8855}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{AA1085DA-F0E9-4C1B-824C-DE8A603A6C4A}" = protocol=6 | dir=in | app=c:\users\piotrek\appdata\roaming\spotify\spotify.exe | "{AE0D561B-128E-4A31-96AF-DA938ADCE65F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B30C5E24-AEA9-4542-99BC-2C6B879780D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe | "{C1093D0C-F5CD-4D3D-852A-1AFFCAE4BC0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C161EE16-F214-4FEA-8552-81A3EAF4AF03}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C6B58CA9-4617-4898-B86E-8DAA88A34CF9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CA9A3AB9-C6B1-4154-8D6B-66FB1B93329B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CD1AB24A-60A0-48D5-9954-C259B47FBACD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D45CDDA2-68CF-4DB2-8D73-F9C00B4DA66F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe | "{D4683141-9B36-4194-9935-C8E5CDE06646}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D54790A5-B647-4D40-BC1D-8AC297CBE522}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dying light\devtools\dyinglightplayer.exe | "{D99FD5C1-7EBF-438A-A0E0-13A0B067F99D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{E7FA263F-934F-4123-9DAD-1D8E3388DDC1}" = protocol=6 | dir=in | app=d:\gry\bf3\bejeweled 3\bejeweled3.exe | "{F17AE94F-F409-42E8-8374-BE03BCC27963}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | "{F365FE2B-1AEC-47D7-9D9F-431F787F88B2}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{F588ACF7-3D66-463B-B913-3FB0F5DE12C5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F6DF25ED-5E53-4FBB-83FE-D799D192745E}" = protocol=17 | dir=in | app=c:\users\piotrek\appdata\roaming\spotify\spotify.exe | "{FC48E8CC-6224-4287-8A55-53B0FCC7340A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{FD4B7AB1-67C2-425C-A143-618D461CA611}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FF355095-2CD9-4319-B679-3F71E4A09A84}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe | "TCP Query User{040400CF-A2FE-4B21-95D6-214D6B71BE74}D:\gry\praetorians\praetorians.exe" = protocol=6 | dir=in | app=d:\gry\praetorians\praetorians.exe | "TCP Query User{05EE6603-AEA0-4992-BB4D-8EFBDA87E53B}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{097C468C-2E2A-41A8-94DB-F5215828B5A0}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{27AEE387-C07A-4B10-B705-4175FDD9FF77}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{4FC4923F-1109-466B-A54C-5EA9D2C38D22}D:\gry\quake3\quake3e.exe" = protocol=6 | dir=in | app=d:\gry\quake3\quake3e.exe | "TCP Query User{96B4F270-A33E-4529-899B-7F9093B4DFF8}D:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe" = protocol=6 | dir=in | app=d:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe | "TCP Query User{DD21A90A-C1F9-469F-86CF-53EF554A81FF}C:\program files\java\jre1.8.0_45\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_45\bin\javaw.exe | "TCP Query User{EFBA51AB-5E24-458B-A65C-0E24B0A33072}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{FAD194B7-FCFB-4443-94C0-591EEB5C49CE}D:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe" = protocol=6 | dir=in | app=d:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe | "UDP Query User{069EA41F-E575-48B9-A292-42A563054D03}D:\gry\quake3\quake3e.exe" = protocol=17 | dir=in | app=d:\gry\quake3\quake3e.exe | "UDP Query User{1F897A2C-8EAF-4D6D-9167-0DB40F735262}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{5C88D076-29A9-4BB4-A716-75A1041A5984}D:\gry\praetorians\praetorians.exe" = protocol=17 | dir=in | app=d:\gry\praetorians\praetorians.exe | "UDP Query User{6A2B61F6-68E2-4E67-8431-046CE8AC1D73}C:\program files\java\jre1.8.0_45\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_45\bin\javaw.exe | "UDP Query User{A618445D-5650-4AEC-B0D9-CF88D6560096}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{A656EB47-AD4E-4A4E-97E6-40BE3E7ACCC7}D:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe" = protocol=17 | dir=in | app=d:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe | "UDP Query User{C4C26D9B-678A-4BF4-B001-3C209EEDD1DD}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{E9CDEE5A-221F-4A61-811C-D99B24BB06D9}D:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe" = protocol=17 | dir=in | app=d:\gry\zamek 2\sc2_v1.0.21397\bin\win32_release\crusader2.exe | "UDP Query User{F5B19C1F-7EE3-4A2B-84F2-AF275C40DDFA}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86418045F0}" = Java 8 Update 45 (64-bit) "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90150000-0015-0415-1000-0000000FF1CE}" = Microsoft Access MUI (Polish) 2013 "{90150000-0016-0415-1000-0000000FF1CE}" = Microsoft Excel MUI (Polish) 2013 "{90150000-0018-0415-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Polish) 2013 "{90150000-0019-0415-1000-0000000FF1CE}" = Microsoft Publisher MUI (Polish) 2013 "{90150000-001A-0415-1000-0000000FF1CE}" = Microsoft Outlook MUI (Polish) 2013 "{90150000-001B-0415-1000-0000000FF1CE}" = Microsoft Word MUI (Polish) 2013 "{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski "{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013 "{90150000-0044-0415-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Polish) 2013 "{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013 "{90150000-0090-0415-1000-0000000FF1CE}" = Microsoft DCF MUI (Polish) 2013 "{90150000-00A1-0415-1000-0000000FF1CE}" = Microsoft OneNote MUI (Polish) 2013 "{90150000-00BA-0415-1000-0000000FF1CE}" = Microsoft Groove MUI (Polish) 2013 "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013 "{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013 "{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013 "{90150000-00E2-0415-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Polish) 2013 "{90150000-012B-0415-1000-0000000FF1CE}" = Microsoft Lync MUI (Polish) 2013 "{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 4.11.9 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.24.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "MediaInfo" = MediaInfo 0.7.63 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Office15.PROPLUSR" = Microsoft Office Professional Plus 2013 "Unlocker" = Unlocker 1.9.2 "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media "{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM) "{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM) "{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic "{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM) "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs "{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM) "{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic "{2EB868AA-E626-4F5F-B9DF-F49637284721}" = Victoria 2 Złota Edycja "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{379DA4C6-8C91-4F36-9D25-F08E8959E0DF}" = Poczta usługi Windows Live "{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer "{46BC55A2-B4CE-46B5-8303-A2076B899505}" = Windows Live UX Platform Language Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4F4A4FBF-133D-460E-8617-6D48E0A2B4E4}" = Windows Live Writer Resources "{51c8ad09-d9b5-478f-8dfe-6a5e040d7e7c}_is1" = Testy B 2015 "{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{584204D4-9FF9-42FD-B3F7-51A9302947BB}" = Angels vs Devils "{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM "{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer "{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM) "{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE "{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}" = Gothic II - Noc Kruka "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video "{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express "{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM) "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}" = Praetorians "{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter "{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.13) - Polish "{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic "{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM) "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components "{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common "{C85B6A70-2ABB-4A31-8FD1-E183553A94F9}" = MoD ImperiaL v4.1 "{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM) "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2 "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic "{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform "{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}" = Bejeweled® 3 "{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM) "{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}" = Podstawowe programy Windows Live "{FBA73805-0F67-428B-8E4F-FAE16A452685}" = Photo Common "{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1" = KaM Remake Full r5503 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI "Adobe Flash Player PPAPI" = Adobe Flash Player 20 PPAPI "Diablo II" = Diablo II "Easy CD-DA Extractor 16" = Easy CD-DA Extractor 16 "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09] "Free Download Manager_is1" = Free Download Manager 3.9.2 "Glary Utilities 3" = Glary Utilities 3 (v3.4.0.117) "InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2 "Knights and Merchants TPR" = Knights and Merchants TPR "Mirillis Splash PRO EX" = Splash PRO EX "MoD ImperiaL" = MoD ImperiaL (remove only) "Mozilla Firefox 43.0.3 (x86 pl)" = Mozilla Firefox 43.0.3 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.1.0.2287) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Opera 34.0.2036.25" = Opera Stable 34.0.2036.25 "Origin" = Origin "Steam App 219740" = Don't Starve "Steam App 239140" = Dying Light "Steam App 40300" = Risen "Steam App 550" = Left 4 Dead 2 "Steam App 730" = Counter-Strike: Global Offensive "VLC media player" = VLC media player 2.0.6 "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1688851452-3417616463-1083969991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify "Winamp Detect" = Detektor Winampa [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1688851452-3417616463-1083969991-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify "TeamSpeak 3 Client" = TeamSpeak 3 Client "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-03 17:16:19 | Computer Name = Piotrek-Komp | Source = VSS | ID = 8193 Description = Error - 2016-01-04 06:06:38 | Computer Name = Piotrek-Komp | Source = Office 2013 Licensing Service | ID = 0 Description = [ System Events ] Error - 2016-01-03 17:17:17 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error - 2016-01-03 17:17:20 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7024 Description = Usługa HitmanPro 3.7 Crusader (Boot) zakończyła działanie; wystąpił specyficzny dla niej błąd %%0. Error - 2016-01-03 17:17:31 | Computer Name = Piotrek-Komp | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2016-01-03 17:17:31 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Process creation detector. z powodu następującego błędu: %%1275 Error - 2016-01-04 05:56:15 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldrx64.sys) z powodu następującego błędu: %%1058 Error - 2016-01-04 05:56:21 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 Error - 2016-01-04 05:56:21 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Telex Aside Tepid z powodu następującego błędu: %%216 Error - 2016-01-04 05:56:21 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error - 2016-01-04 05:56:47 | Computer Name = Piotrek-Komp | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2016-01-04 05:56:47 | Computer Name = Piotrek-Komp | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Process creation detector. z powodu następującego błędu: %%1275 < End of report >