OTL Extras logfile created on: 2012-11-07 19:47:25 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marek\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,09 Gb Available Physical Memory | 77,18% Memory free 8,00 Gb Paging File | 7,23 Gb Available in Paging File | 90,39% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 382,62 Gb Free Space | 82,17% Space Free | Partition Type: NTFS Drive D: | 4,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MAREK-KOMPUTER | User Name: Marek | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-1371275200-5856987-1658389378-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0E84557B-FA22-4F58-B8CD-DDB528B28A2E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{16343F81-F3FA-4448-A215-C9A1D1D22AB2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1CC7C53C-999F-4306-9156-2B2FF65193BD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1FC07699-B089-4E37-8E20-F85DA794C9F0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{21682FE5-9DCE-43C1-96E7-4CF84D767575}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25F26444-4DCF-4663-BEBD-C8FDD03BAC9B}" = lport=10243 | protocol=6 | dir=in | app=system | "{2D429BEB-EB53-43E9-90B4-E3296C1623E4}" = lport=2869 | protocol=6 | dir=in | app=system | "{320CD63C-9247-44D3-A9CE-42A3A86641BA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{32AC850E-CD0A-4D7B-9541-AD2D0ED2F292}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3A8944B8-51A3-4551-8018-E2CDB180A993}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3AE41664-4E78-40AD-8833-B821C272D87B}" = rport=137 | protocol=17 | dir=out | app=system | "{40C01C88-7167-4F8E-8E13-E1184C40FCC8}" = rport=139 | protocol=6 | dir=out | app=system | "{454B48DE-9043-41C0-A84A-DF0616666DA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4B7D8132-345E-4E57-8C00-D200303D062D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{4FAD8D7F-8BCD-464E-B22D-7494A012FA38}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{56855C2D-26D9-47FF-A840-94F4F4837968}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{62A21C85-D313-4B4A-84F6-4B2E583CAE07}" = rport=10243 | protocol=6 | dir=out | app=system | "{698D1C2A-EFF9-433C-9466-43DA563D2B9E}" = rport=138 | protocol=17 | dir=out | app=system | "{6B7FC4EA-DA52-4862-A437-DBE6913070D3}" = rport=445 | protocol=6 | dir=out | app=system | "{6C295CA7-66F7-4814-BED0-11A9C1D2B673}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{81E5A448-A2C1-4E6A-963F-A1206852D586}" = lport=139 | protocol=6 | dir=in | app=system | "{82FBA6EC-36AE-4301-9ECF-094A02989865}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9568094D-D33A-476A-9853-F5B3866369A5}" = lport=59110 | protocol=17 | dir=in | name=pando media booster | "{9690BC2E-5D6D-4345-99D9-BE052B05169A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9E525AD1-7F42-4F92-A7D9-AE7B492F9358}" = lport=138 | protocol=17 | dir=in | app=system | "{B14902F3-EF01-4406-82AE-107D4BBC5FD8}" = lport=57201 | protocol=17 | dir=in | name=pando media booster | "{B714DB99-D71B-46DA-ABA0-5DBCA2DF1CDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3594CE1-1EEE-438D-A4B0-F9A165F4360B}" = lport=57201 | protocol=6 | dir=in | name=pando media booster | "{C4D5BDE7-70C4-4ABB-B108-F31E03E5E7C1}" = lport=137 | protocol=17 | dir=in | app=system | "{D14CBB62-6589-4DF3-92EF-66B5788E0ACB}" = lport=59110 | protocol=17 | dir=in | name=pando media booster | "{D52728FE-8C50-4BA3-83AB-DC6FF833ED1F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E0A25150-F989-408B-8216-B49780040568}" = lport=59110 | protocol=6 | dir=in | name=pando media booster | "{E5F01965-6B1E-4DCE-A5CA-3C9681087077}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EBB74588-50AF-4B9A-BC81-D4090BED3422}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F31C0670-5B0A-4877-8929-C4FA638CDCF5}" = lport=59110 | protocol=6 | dir=in | name=pando media booster | "{FAC8A469-583E-4A85-A01F-EA2B35AAE334}" = lport=445 | protocol=6 | dir=in | app=system | "{FDACCC2E-CCA5-4766-A3EC-F68C2853BB2A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{061CF1E3-F635-4AE9-847C-7F6FB4035D2B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{06CB7FDB-D92E-4E44-A182-59A4A0806D68}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0A3E8204-2A05-4894-A064-BFC33AAB575C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{0F206E00-9AFF-41A7-ACB3-866ADB793FEE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{15AD505D-716F-498F-82DF-81824A1B3070}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe | "{2A1BA590-EF78-4A23-9C08-E52003E72816}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2ACDA76B-D077-4311-96ED-C791D06A662F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2B3D85B0-3210-4229-9DD6-357E4592DD78}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{2B999825-BB11-4BEE-9ED9-1197EA9748D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2F4AA921-A6EF-4EFF-B66E-56E80A736AC3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{316FB473-8844-4562-A782-2D7CA79B1B71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{38E17106-4500-43B1-9219-2AEED6D7D837}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{41BA38F9-FE7F-4B91-A041-29FF1F7DADA6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4D898B3B-C58F-452C-98AE-E87C9F6A0019}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5AC35D84-0875-418F-93B9-AC04D1F29491}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{652EC51C-E2A2-42D3-9F8C-F99C32A1682C}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe | "{6FF7AE43-D0EF-4045-8B33-A71854A9C54D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{714C63ED-3BE8-4C1E-B13A-72623F3E8CD2}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{767B0800-AFBB-4124-B45A-2BD0E597561E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{76E54594-F296-4184-842E-563069304935}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{78D535D0-E204-4368-A386-BFC83560347B}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe | "{86FA9052-8619-479E-AF65-2ADA03FE0352}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{91FA1917-CB41-41C1-B087-543025D0D464}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{96746A8B-173E-49EB-87B8-DBA11F2D845B}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe | "{A3888B7C-7A35-4350-8871-69DFF5235001}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A617B1E8-FABB-41C6-9460-F3B9525984B9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AF4C5757-1BA4-4AE1-BC02-41EDF5F0A205}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B4BAEEE8-181B-4C9F-8D2E-A9B737844D79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B7A71B1E-7EC0-4428-992D-633211AC4BE9}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{B89784FC-417D-4FE4-80F5-24175094FCA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C279DAB4-D750-42B4-B0DC-22E5144DF340}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D6353E85-5829-4E3C-BC85-011016BFB68C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{EE073F5F-39C1-4B79-8612-C3FD7B4DEED0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{EF88EB5F-3335-49CC-8C5B-FD6D79DCA2E2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F385D817-14AA-4150-8EAB-47E0A4E4EB8A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F6D54146-63DA-44EF-BAFB-FD84D35A408E}" = protocol=6 | dir=out | app=system | "{FAC54DE3-EED3-46AC-A0D3-A8FF13E57687}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FC34E233-02C5-4153-AD6A-63ADD0756AD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{FF38A42B-A802-4B27-A88A-0FCC3E91EA79}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{1005A941-D805-4F0E-8E27-7C17BE5BA48F}C:\program files (x86)\reality pump\lost souls\lostsouls.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reality pump\lost souls\lostsouls.exe | "TCP Query User{12509E75-102E-4CBB-A6C0-466B5BD1A2EF}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query User{2EC8BD9A-D910-4CAC-9F37-F97318F7567F}C:\program files (x86)\metin2\metin2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.exe | "TCP Query User{3FD3EA83-7FE0-4DFA-BCFD-A8AF35D2D728}C:\users\marek\desktop\reactivemt2\reactivemt2.exe" = protocol=6 | dir=in | app=c:\users\marek\desktop\reactivemt2\reactivemt2.exe | "TCP Query User{7F7DFCC1-6E10-4E45-9154-62E0F6406167}C:\program files (x86)\metin2\metin2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2.exe | "TCP Query User{9337F0E2-E791-4857-BF9F-E1BE14A72A71}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{B80DAC32-D1A1-4CEE-B8F0-82D78446235A}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{D27A5557-C830-467E-836B-533E3F32A27C}C:\program files (x86)\xornetworks\xornetworks rohan\rhclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xornetworks\xornetworks rohan\rhclient.exe | "TCP Query User{F7E1E300-8654-4D52-BAE4-A3DC8EA6D2A8}C:\program files (x86)\ea games\mohaa\mohaa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\mohaa\mohaa.exe | "UDP Query User{08767DDA-0C63-435E-BF69-55B765A026EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{1CD1A7E9-E7A5-479F-BF7C-1FB17DE3E14A}C:\program files (x86)\metin2\metin2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.exe | "UDP Query User{3347E9A0-303B-4828-8B2C-BE9E8ADF73A5}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{40FBA2D3-1C41-41C5-A163-FB239B9F1EA0}C:\program files (x86)\ea games\mohaa\mohaa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\mohaa\mohaa.exe | "UDP Query User{6F5941CA-6737-47CC-BD4D-9C8124D2D548}C:\users\marek\desktop\reactivemt2\reactivemt2.exe" = protocol=17 | dir=in | app=c:\users\marek\desktop\reactivemt2\reactivemt2.exe | "UDP Query User{C7096333-679E-4583-B0E9-5F480F8C88C4}C:\program files (x86)\metin2\metin2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2.exe | "UDP Query User{D6E1FE88-DD0F-4603-B739-528CD41E6F0B}C:\program files (x86)\xornetworks\xornetworks rohan\rhclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xornetworks\xornetworks rohan\rhclient.exe | "UDP Query User{F026CCF1-41C5-42CB-B4F5-F3D3AE14E009}C:\program files (x86)\reality pump\lost souls\lostsouls.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reality pump\lost souls\lostsouls.exe | "UDP Query User{FE068F14-142B-43EF-A24B-7F588343C488}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client PL-PL Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5 "{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE "{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish "{AF9B9CCF-D1B4-44B4-A030-BFCF5686AA5E}_is1" = TeamingGenie "{C0EAE1CA-EBF0-4A55-BEA9-EA79FAF40889}" = MAGIX Video easy SE "{E33DB440-A008-4928-8A4E-5FC5ADDED608}" = OpenOffice.org 2.4 "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie "{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "avast" = avast! Free Antivirus "DAEMON Tools Lite" = DAEMON Tools Lite "Earth 2150 - Lost Souls" = Earth 2150 - Lost Souls "GamersFirst LIVE!" = GamersFirst LIVE! "GamersFirst War Rock" = War Rock "GameSpy Arcade" = GameSpy Arcade "Google Chrome" = Google Chrome "InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "ipla" = ipla 2.3.5 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "MAGIX_MSI_Video_easy_SE" = MAGIX Video easy SE "MoorHunt_is1" = MoorHunt 0.6.7.2 "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl) "Mozilla Thunderbird 10.0.2 (x86 pl)" = Mozilla Thunderbird 10.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "TuneUpMedia" = TuneUp 2.4.6.4 "WinRAR archiver" = WinRAR 4.20 (32-bit) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1371275200-5856987-1658389378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-11-07 05:43:45 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 12:38:49 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 12:49:22 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:02:33 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:04:51 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:08:39 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:11:46 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:56:33 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 13:59:46 | Computer Name = Marek-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-07 14:14:59 | Computer Name = Marek-Komputer | Source = System Restore | ID = 8193 Description = [ Media Center Events ] Error - 2012-06-13 09:50:14 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 15:50:09 - Błąd podczas nawiązywania połączenia z Internetem. 15:50:09 - Nie można skontaktować się z serwerem.. Error - 2012-06-18 18:29:00 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 00:28:58 - Nie można pobrać pakietu MCEClientUX (Błąd: Połączenie podstawowe zostało zakończone: Nie można ustanowić relacji zaufania dla bezpiecznego kanału SSL/TLS.) Error - 2012-06-27 16:33:50 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 22:33:50 - Błąd podczas nawiązywania połączenia z Internetem. 22:33:50 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 16:34:00 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 22:33:56 - Błąd podczas nawiązywania połączenia z Internetem. 22:33:56 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 17:34:19 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 23:34:19 - Błąd podczas nawiązywania połączenia z Internetem. 23:34:19 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 17:34:25 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 23:34:24 - Błąd podczas nawiązywania połączenia z Internetem. 23:34:24 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 18:34:42 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 00:34:42 - Błąd podczas nawiązywania połączenia z Internetem. 00:34:42 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 18:34:48 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 00:34:47 - Błąd podczas nawiązywania połączenia z Internetem. 00:34:47 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 19:35:06 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 01:35:06 - Błąd podczas nawiązywania połączenia z Internetem. 01:35:06 - Nie można skontaktować się z serwerem.. Error - 2012-06-27 19:35:12 | Computer Name = Marek-Komputer | Source = MCUpdate | ID = 0 Description = 01:35:11 - Błąd podczas nawiązywania połączenia z Internetem. 01:35:11 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 2012-08-15 13:53:16 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2012-08-16 06:35:04 | Computer Name = Marek-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Intel(R) Turbo Boost Technology Monitor 2.0 zakończyła działanie; wystąpił następujący błąd: %%-2147467259 Error - 2012-08-16 06:35:34 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2012-08-16 09:34:23 | Computer Name = Marek-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Intel(R) Turbo Boost Technology Monitor 2.0 zakończyła działanie; wystąpił następujący błąd: %%-2147467259 Error - 2012-08-16 09:34:53 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2012-08-16 14:56:21 | Computer Name = Marek-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Intel(R) Turbo Boost Technology Monitor 2.0 zakończyła działanie; wystąpił następujący błąd: %%-2147467259 Error - 2012-08-16 14:56:51 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2012-08-16 17:25:33 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2012-08-17 02:15:51 | Computer Name = Marek-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Intel(R) Turbo Boost Technology Monitor 2.0 zakończyła działanie; wystąpił następujący błąd: %%-2147467259 Error - 2012-08-17 02:16:21 | Computer Name = Marek-Komputer | Source = DCOM | ID = 10010 Description = < End of report >