OTL Extras logfile created on: 2013-10-09 20:40:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sandoz\Documents\bezpieczeństwo Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,25% Memory free 6,19 Gb Paging File | 4,94 Gb Available in Paging File | 79,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254,15 Gb Total Space | 50,03 Gb Free Space | 19,68% Space Free | Partition Type: NTFS Drive D: | 29,19 Gb Total Space | 20,84 Gb Free Space | 71,40% Space Free | Partition Type: NTFS Computer Name: SANDOZ | User Name: sandoz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-662459261-2097686485-2363488366-1004\SOFTWARE\Classes\] .html [@ = Max3.Association.HTML] -- C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NAPI-PROJEKT\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NAPI-PROJEKT\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{055F4F67-3007-425D-B0E2-93D71C2461D2}" = lport=2869 | protocol=6 | dir=in | app=system | "{0670473C-7CF6-4942-9449-1FCA7EA29E1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0BB0B6ED-3D9C-4450-BD7C-86900FB1525B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{0E11A276-140D-4587-85EA-412FAD51F59D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{171AE320-6639-496A-875C-9C76699D9F48}" = rport=445 | protocol=6 | dir=out | app=system | "{25FEE0E7-AFF9-407A-B66E-6E873BBFF0A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3176CECA-4D82-4CEE-B8AA-AF2918B1A452}" = rport=10243 | protocol=6 | dir=out | app=system | "{3D01CDE6-74C9-43A1-A900-A3F4B4CB2FBE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{42F0641A-D99D-42A5-9902-9371886F44BE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{43B2A647-8CEC-4ECA-B00E-69718D879C82}" = lport=10243 | protocol=6 | dir=in | app=system | "{4D99FA8D-309C-4D19-B04A-ECB8CAB4822A}" = lport=137 | protocol=17 | dir=in | app=system | "{4EBAEA2A-79B2-4413-B7B4-E55A7A43C250}" = rport=139 | protocol=6 | dir=out | app=system | "{5BF021C5-1BB0-468A-8B81-6FEB25EA0E97}" = lport=445 | protocol=6 | dir=in | app=system | "{6396083F-0F3B-4CBF-A3F8-2C58B12E45BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7496BBBA-5DFD-4AFB-8B18-0B5DFB34E261}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{762C5494-4230-4903-B24A-A19B2AE655F0}" = rport=138 | protocol=17 | dir=out | app=system | "{7BD53697-DB5B-47C9-B726-426D954E9076}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9E17A0F9-8A7D-41EB-8F2C-19EBE9C63368}" = rport=137 | protocol=17 | dir=out | app=system | "{A0AAA98D-4B07-496C-9D18-84F9E0359FE1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A0C70545-87B0-42D5-9ECD-D7AF225E8C00}" = lport=139 | protocol=6 | dir=in | app=system | "{A7DAFF7A-14A4-4A5E-BC04-FDDDA4B2577F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C1F4CB6E-903E-4E18-AF64-ED90375C73F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D1D8AE92-E8BF-48CE-9357-A4C897C99F36}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D2763F33-5F61-4EE0-81D2-1A719D7CA74D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DEF32B7C-77A6-4EE0-91FC-85353FB6D882}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F49C70E7-8314-47EE-A4AA-2C311D2214CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FB8E9D24-A42E-40FE-A446-E3BC5F94871D}" = lport=138 | protocol=17 | dir=in | app=system | "{FD46962A-6423-4070-8382-40D5EF24CBD6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09B4651E-EF5E-48D3-82D6-F312EF399EBD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{09F9B643-A94C-4CD7-A439-74AF07B90C48}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{0AE19CE3-D132-47EB-83DE-6B348D85D51C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{0E851301-5B3E-4225-8F8A-DD12ED4FAD52}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe | "{102E4084-02A8-4025-A1D1-026B42703241}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe | "{1EEA59D1-2538-4B1D-89B1-4A03E277C718}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | "{20B4420F-5010-49C9-9F76-62799522ACC2}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\mxup.exe | "{241A19FF-C3C1-4414-972A-3D19B37020E1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{2C694D97-ADDF-42FE-8330-43B9512D5AD6}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | "{307A3D03-4758-4475-9068-D9930193F7D5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{3DCC5074-BB41-477B-A8BA-9F62D9CA9E7A}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe | "{4007AE4E-9258-42E5-A81E-B0099C895D8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{421D982D-B064-49CA-9BDA-DFBA981829C3}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | "{4AC0DF2D-08E1-4F51-B6CD-9AA0022CC3D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4D241358-B261-4EA8-AAE0-57E6FCBD8892}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe | "{4DBE00AF-1705-40E7-9830-98BF8D1C0166}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{55475987-3566-45B9-96ED-70E599AE72EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{57F2C984-9283-4AF5-9656-55B360976202}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | "{5D52DEBE-8EB8-47BC-A0FE-08CDCFE8D23A}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{5DE63D2D-63A7-4541-9C6C-3486AD9B1E47}" = dir=out | app=c:\windows\system32\igrssvcs.exe | "{5E0145D4-9517-4B82-BCF3-0C2387D9335B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{60A20EC3-8A85-4DA8-821E-1B80C10E60BE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{633D06DA-CC22-419B-8E14-A642E245D1C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{634276C4-33C6-408F-BC07-3560269BBB6E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{6657D660-0C64-4B72-BBBB-7CB3EC4A2622}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{6C54E4B9-A581-40E8-B615-EB99A4ED58B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7553D90B-1685-4CB5-89D9-85976F90F0CE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | "{7A7C7295-151B-4031-A239-6D05FA1D613F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7EA1E85D-5763-4731-AA9C-F96C2AFBD589}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | "{80E7DAEA-BAFD-49AC-98AE-29C2CA1AE728}" = dir=in | app=c:\windows\system32\igrssvcs.exe | "{892B2CF3-C426-4259-92B8-266877BB2F16}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\mxup.exe | "{8B2009B1-1498-40FF-A552-F329F7FE39BB}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{91251003-24FF-4673-B2EE-36C1BEA00354}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{94543F6E-1346-4493-8BD9-E1A82E34A35D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9950ADB0-3597-493F-8408-289A591D666D}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{A0F82680-CECB-492F-A13D-4397FE6F5407}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\mxup.exe | "{A319CBFF-75A7-4E0C-8C7F-9F563DFC76FF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{A5FCD861-8206-452D-9B7A-4A5AADB12F0C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | "{ACD9DABD-CC6A-4C2E-8987-591BAD422D42}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe | "{ACF59AFA-F193-4BB2-8B26-B8B6BA5678D0}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{AED8DB45-8251-4A5B-9EF4-47E5A4535044}" = dir=in | app=c:\program files\lenovo\readycomm\readycomm.exe | "{B2374269-AD7C-4939-BCC1-26619EC55809}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{BA223FC6-BA18-4188-AA4E-8C5AFC68ED44}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | "{BF618C8C-74C0-40E8-BC04-3AA20BC1A23F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C6555EF7-B0CC-4DB4-9263-229856487D5E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C86EEE0D-270B-481E-8334-AC6F0C128A55}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{C9E27777-27AE-40EE-B806-C7A493176DAA}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | "{CA574013-7AE4-4B25-BB1F-26476E05AF9C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{CA64001F-7FEF-47C1-B265-87B5BDA0F2BA}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe | "{CADF9CE9-785F-4B8C-916D-28C6492B6460}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D00D88A4-97CD-4FEE-A904-2BBFD57F1A41}" = dir=out | app=c:\program files\lenovo\readycomm\filereceiver.exe | "{D04E4388-8215-45CD-ACA1-434B9C964737}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{D18574B5-202B-473D-A4C5-A631FE8163E4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D3A4B525-6A78-4797-BE32-A1C53753AFC0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{D42D4DDD-CC00-4478-94F4-8192B537C665}" = dir=in | app=c:\users\sandoz\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{D49F1B73-E15A-449B-BE20-933008257C9F}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | "{D7005EA2-8DC0-4F74-BB34-28AB9A9E033C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D8DA6A59-ED15-4B32-B276-CEB10E8D9D03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D9B249B8-5F8F-4620-9BAE-EB88714A62E5}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{DCCDB120-36CA-4E9D-90B2-695FB231E75B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E38AE2A1-2DAF-4F59-A495-14BBDA4C69D4}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\mxup.exe | "{E4CED4F0-0F12-4F9E-AE73-2A3B9A355931}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | "{E62B9FAB-F690-482C-A0AE-90361C812279}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{E6E2227C-7B25-4D5F-8D4B-F3FEC8EBA125}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EBC4700A-54F6-4501-A697-3D6F53809637}" = dir=in | app=c:\program files\lenovo\readycomm\filereceiver.exe | "{ECF8F1EB-9398-4A0F-A0AC-4A994625304D}" = protocol=6 | dir=out | app=system | "{F1E42F12-124F-4232-80F7-D6565AE78A4C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{F83634A8-B577-48CF-BBFE-0D919647AA7A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F9495A35-2369-4005-8C81-895AAA8C8772}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{18C9CCB0-B340-49C0-967C-B6CF84DC2651}C:\program files\cod2\setup\data\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\cod2\setup\data\cod2mp_s.exe | "TCP Query User{43D245DA-B0E0-474C-92BC-7DD4E5EBAE9B}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe | "TCP Query User{6A2E3DAB-3E5B-45E0-A08F-9A6DD06BED35}C:\users\sandoz\appdata\local\temp\45fb.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\sandoz\appdata\local\temp\45fb.tmp\kmservice.exe | "TCP Query User{79CD1C55-BF06-49B2-9AAC-DC54A18087C5}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | "TCP Query User{CBCC32F2-42A7-4B62-8B11-FF3437BC8F1E}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | "UDP Query User{0C637957-9D22-4182-AA6B-FD0246BFC5C7}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe | "UDP Query User{17D3A409-CA5E-4A49-B944-445C23991201}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | "UDP Query User{363E62B1-0A2B-46D5-8EC5-7164000B1662}C:\program files\cod2\setup\data\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\cod2\setup\data\cod2mp_s.exe | "UDP Query User{ABF1EE88-357C-46B0-8C20-B294BBB9D041}C:\users\sandoz\appdata\local\temp\45fb.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\sandoz\appdata\local\temp\45fb.tmp\kmservice.exe | "UDP Query User{CAE6C758-895D-4414-A149-4012BCAA5594}C:\program files\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield heroes\bfheroes.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100 "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.8.4.2390 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{25DDA4EC-DEBF-4297-B4DA-EEEF7FCEBA24}" = Lenovo Screensaver v1.0 for vista x86(en) "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6 "{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}" = Lenovo System Repair - Windows Update Monitor "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 4.0 "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1D751709-BA6C-49E2-844B-4F4F20F410C9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6606F321-8216-466E-981E-B75A14C46894}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center "{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8) "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B39AA98E-C966-46C9-ACA2-D2586E300988}" = WinFlash "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{DDC5B3E0-C656-4070-9CF0-E592EC60AD42}" = MotoConnect "{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4 "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition "{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "7-Zip" = 7-Zip 9.21beta "Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "EasyCapture3.0" = EasyCapture "foobar2000" = foobar2000 v1.1.11 "Gadu-Gadu 10" = Gadu-Gadu 10 "HaaliMkx" = Haali Media Splitter "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic) "lenovo_11.74" = Lenovo EasyCamera Driver Package v11.74.2025 "LiveVDO plugin" = LiveVDO plugin 1.3 "Mafia_is1" = Mafia "Matroska Pack" = Matroska Pack "Maxthon3" = Maxthon Cloud Browser "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "OCCT_is1" = OCCT Perestroika 3.1.0 "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "OpenAL" = OpenAL "PhotoScape" = PhotoScape "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "Recuva" = Recuva "SMSERIAL" = Motorola SM56 Speakerphone Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "Usbfix" = UsbFix By El Desaparecido "uTorrent" = µTorrent "VeriFace III" = VeriFace III [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-662459261-2097686485-2363488366-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BankBrowser" = BankBrowser [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-10-07 18:14:33 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-08 00:28:38 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-08 09:29:59 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-08 09:49:55 | Computer Name = sandoz | Source = RasClient | ID = 20227 Description = Error - 2013-10-09 05:50:37 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-09 06:10:49 | Computer Name = sandoz | Source = VSS | ID = 8194 Description = Error - 2013-10-09 06:52:27 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-09 07:05:43 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-09 13:03:51 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = Error - 2013-10-09 14:04:46 | Computer Name = sandoz | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-10-09 07:02:11 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:02:15 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:02:21 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:02:25 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:02:30 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:02:35 | Computer Name = sandoz | Source = cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2013-10-09 07:05:11 | Computer Name = sandoz | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 2013-10-09 13:02:12 | Computer Name = sandoz | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 2013-10-09 14:04:22 | Computer Name = sandoz | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 2013-10-09 14:10:00 | Computer Name = sandoz | Source = Dhcp | ID = 1002 Description = Serwer DHCP 0.0.0.0 odmówił dzierżawy adresu IP 192.168.0.11 dla karty sieciowej o adresie 001E65DA8C5C. (Serwer DHCP wysłał komunikat DHCPNACK). < End of report >