OTL Extras logfile created on: 2014-03-03 22:46:11 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\USER\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,75 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 36,49% Memory free 7,50 Gb Paging File | 1,52 Gb Available in Paging File | 20,34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 38,96 Gb Total Space | 2,07 Gb Free Space | 5,32% Space Free | Partition Type: NTFS Drive D: | 35,46 Gb Total Space | 10,69 Gb Free Space | 30,15% Space Free | Partition Type: NTFS Drive I: | 14,40 Gb Total Space | 2,47 Gb Free Space | 17,13% Space Free | Partition Type: FAT32 Computer Name: PC | User Name: USER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-2954227110-2824576447-3551377607-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- Reg Error: Value error. http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "D:\Chomik Box\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- Reg Error: Value error. http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ChomikBox.Upload] -- "D:\Chomik Box\\ChomikBox.exe" -u"%1" ( ) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{056C9E40-32EF-4603-AA55-5F8F43EA92E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{182DD2E0-7F4F-48A4-AE1D-31E0A3F0854F}" = lport=57049 | protocol=17 | dir=in | name=pando media booster | "{1C76E945-0FF4-492F-A2C5-33E1FA41E722}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{22726946-F33A-46B7-A827-7200916AC963}" = lport=138 | protocol=17 | dir=in | app=system | "{23046041-A4D2-4CB1-A3D9-2294F89253D5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2A601587-2C92-47E7-B8DA-FAA36FD78DE2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{30BEF69C-6F7B-4DDB-9AF5-90C61FED2737}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{38300503-F95C-4F59-AB63-B5A7F9EAA1D8}" = lport=57049 | protocol=6 | dir=in | name=pando media booster | "{416CF602-6162-49E2-BD16-A2288B2975FF}" = rport=445 | protocol=6 | dir=out | app=system | "{418C4A6E-C629-4083-A76A-8F1E2DB1889D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4225EE35-E472-4351-8A76-488B68326E89}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{475054CB-C1ED-43E2-934F-1CFC2C26452B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{47613FC6-49E8-45BF-9AF7-06C04D20C154}" = rport=137 | protocol=17 | dir=out | app=system | "{4F5A678E-1231-431C-B9F3-BD8EFD314762}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{59BB5E1B-BD41-4352-9D11-09395B7CE8B9}" = lport=57049 | protocol=17 | dir=in | name=pando media booster | "{5D55EDAC-4A25-44B5-92F9-E95D43414868}" = lport=2869 | protocol=6 | dir=in | app=system | "{70543F98-6032-4E18-A8DD-23B952B36993}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{788DD804-47A6-46B4-BFD6-8BF06CF4BDDA}" = lport=10243 | protocol=6 | dir=in | app=system | "{7B922873-C7D8-401C-90B3-B6151BEF7CE1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8065D162-CC8C-4C89-BBD3-1FAD82B37B39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{873997B1-886A-4CCB-8535-9ED811408154}" = rport=10243 | protocol=6 | dir=out | app=system | "{8DF2E032-A0C8-4151-93F0-92B70AEC530F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{956F640A-A260-444D-BC88-A85A2E9A44A1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9A7B1F4B-E89A-46F2-B4A3-91647DDFE1EC}" = lport=445 | protocol=6 | dir=in | app=system | "{A0FFFB9A-C7AD-435C-B0A8-77F32A82A07B}" = lport=139 | protocol=6 | dir=in | app=system | "{A2B456DB-FEDC-4CEB-AF48-C819B446A791}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A511C9B2-15FF-4AAB-B3F5-837858B63050}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C124C7D7-018F-41DB-9164-96D670A24C28}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D9108862-AB61-4B6C-89BF-13CCDE369FCD}" = rport=138 | protocol=17 | dir=out | app=system | "{DBE869ED-2CCF-45AD-BD40-95F62954A301}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{E51B2F87-55EE-4029-8019-95629FAE797C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{E80A46BE-E53E-4D94-99B1-018F14173B61}" = lport=137 | protocol=17 | dir=in | app=system | "{ED11777F-9234-4D65-90B9-D90DED31C02F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F67D9860-F996-4E0D-8E1C-E0B38C28AA00}" = rport=139 | protocol=6 | dir=out | app=system | "{FA0E8146-C00C-4545-B8B2-974DE1419BA0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FFB89EF7-E26C-4868-89E6-9F567608FFA5}" = lport=57049 | protocol=6 | dir=in | name=pando media booster | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{015FB85C-2A3F-41F2-A26E-65C93413A6EE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | "{0B340CA7-5A50-4741-9494-8796EAAA7A1B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0D32A20B-D79E-4FA2-B5E8-D4E585DFE8A6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{183E4435-548B-48AF-8626-E61B20D5FFFE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1A0A00D5-55EE-400F-A01B-82C90D171216}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{1C2379C8-7C1C-41EF-AFC4-528496DE15D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1D4729C5-1C24-4517-BC55-5359D4DEDB4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1F607B5E-A62B-40AC-9976-97EF01890EA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{25B954AF-F2D1-400A-9676-EFA9FE7F351B}" = protocol=17 | dir=in | app=e:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe | "{28364C07-4BEA-4BC3-92D7-D019D9A98962}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2947D460-DC45-4CDD-95F9-3920DDDC5E8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{343BEBC6-A0BE-494C-B350-BDEDC97ABB5C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | "{35AC45BA-26A9-47C3-94DA-EB0EB2294EB0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{37696FC3-83DD-412E-96D8-6E00E46EE3E2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe | "{3B9BC69A-9863-4835-A1C2-1D0428CA3777}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{451836B2-E739-4601-90D1-67050B3F1D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{457D1537-7468-4A34-9E79-9F945141F320}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{463A8628-98BB-4127-A9C2-F7C9D3D744BC}" = protocol=6 | dir=in | app=d:\heart stone\battle.net\battle.net.exe | "{46ADD1DD-63D5-42D3-A88E-BBBD06D26968}" = protocol=17 | dir=in | app=d:\heart stone\battle.net\battle.net.exe | "{48C52C0E-864C-4786-B118-DBDC52CBC11B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4C388588-A942-41C5-B8C8-916AE6CFD80A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{549A8AA8-E80A-4221-B1C0-DF86C081AFF9}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{600F1F07-4B13-490A-BD26-63C38F03E21F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6C1E7E81-0252-416B-BD10-B3381A3A492C}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{6FC0BFBE-58BA-478C-9F95-D177412B4E71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{70C8BEE8-9003-44EF-A58A-0B964026A78E}" = protocol=6 | dir=in | app=e:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe | "{70FFCEC2-0FCE-4392-A7D1-CB922AFECBF6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{77F57BE9-FB92-4A38-91BF-B135BA2ED56E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{80657030-478A-4AC1-890C-4E03D2D22476}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{85728DCE-6737-4A1B-8773-32A0712BBECB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{86CA5DD9-F3E9-408F-A808-BD7E22DFDA80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8E9583EA-63A6-4599-8CF5-146D1C18AA62}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{927B1CB0-A285-48DD-A42D-683F11F21579}" = protocol=17 | dir=in | app=d:\heart stone\hearthstone\hearthstone.exe | "{A0A4E054-45DE-4C5F-9186-52CE221A311A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | "{A75F80F2-991A-4DF3-A560-964435C3ADFC}" = protocol=6 | dir=out | app=system | "{B7309566-2014-4A71-A0D6-B786DCB4A601}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe | "{B85972E5-AC69-4980-9D9D-CCCF8E85E87E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B948E943-AA11-437E-B61B-AF0981CFD770}" = protocol=6 | dir=in | app=d:\heart stone\hearthstone\hearthstone.exe | "{BFBAF255-3276-4548-9CD3-EB902AE7B970}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C2897825-42B9-4D6C-AB77-DF85C052C9E3}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{C803BC53-A652-423C-BE95-9391924EDD55}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | "{C9B28A67-E0B0-4B42-9C60-CE05EA5A01E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DC634896-FE32-4D5B-AA90-F028F15A40CC}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe | "{E1071E7B-CE78-4E47-9A69-86EC92BDC734}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{EB7C6112-851C-43F7-8774-EB6EADCD9B9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EC580FCA-1FE0-418E-8C32-894F2E59E93C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F0717094-3C9D-4DF1-B234-78B93B2F996E}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe | "{F166B581-9B31-4D51-BD3F-21BA24143B1D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F3D9015F-EF47-497C-91C7-05FB721D262C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{FFEA6B3E-3F1B-4AA0-BCA6-65D906F74228}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "TCP Query User{09BE9713-F4E5-432D-93BE-592E335EE464}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{0AAE15B2-77AC-46B3-AC18-203314F6BB6A}D:\mohaa\moh_spearhead_server.exe" = protocol=6 | dir=in | app=d:\mohaa\moh_spearhead_server.exe | "TCP Query User{3E31E2CC-A2C4-4175-A59A-EC829CC62885}D:\mohaa\moh_spearhead.exe" = protocol=6 | dir=in | app=d:\mohaa\moh_spearhead.exe | "TCP Query User{9251FD85-333B-4B33-97B3-324DADBF9341}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "TCP Query User{A684D559-0E7F-40C5-846C-05C822A27225}E:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe | "TCP Query User{A74ADCCA-ADEF-4EF0-B781-0D1CCC30834F}D:\mohaa\fpupdate.exe" = protocol=6 | dir=in | app=d:\mohaa\fpupdate.exe | "TCP Query User{BF5B250A-041A-42DA-AEEA-384E977236F4}C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe | "TCP Query User{BF5EC443-FA1C-43DF-9C56-22D818DD8A40}D:\mohaa\mohaa.exe" = protocol=6 | dir=in | app=d:\mohaa\mohaa.exe | "TCP Query User{BFC6A0D7-54D8-4E6A-A9D2-BFEA93730952}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "TCP Query User{C1720AC8-322F-41B0-8479-B3B21CA6A3B3}C:\Program Files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{EC6239A4-A0ED-4DE0-9FC6-F6969494BAE7}E:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe | "UDP Query User{3B55F369-BD1A-4D37-8604-30EB0865D25C}C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe | "UDP Query User{71F7A885-DD83-4902-BDB0-965F0FD88CEC}E:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\td-w8950nd\fscommand\easysetupassistant.exe | "UDP Query User{8373AF3D-6E5E-4A82-8D13-2AF0081809F8}D:\mohaa\moh_spearhead_server.exe" = protocol=17 | dir=in | app=d:\mohaa\moh_spearhead_server.exe | "UDP Query User{847E007B-D0B9-4789-9085-420258273CDE}E:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe | "UDP Query User{94E181FA-D0EA-4F0E-A87B-991B74A31DDD}D:\mohaa\fpupdate.exe" = protocol=17 | dir=in | app=d:\mohaa\fpupdate.exe | "UDP Query User{9CA52012-2061-4F3E-A297-7641CFDC738F}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "UDP Query User{B2359C4E-EED2-4EF3-9E54-864E32770C64}D:\mohaa\moh_spearhead.exe" = protocol=17 | dir=in | app=d:\mohaa\moh_spearhead.exe | "UDP Query User{C8DF3B7E-2274-41CD-ADAE-C4B6B545094A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{D40CCE2C-7411-482F-AD1B-32CFA5372C92}C:\Program Files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "UDP Query User{D9ABABCC-D6CB-4BE3-80CB-51864B91456F}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "UDP Query User{ECFB9A00-9CBD-4C7B-892C-ECD7E3FEAE30}D:\mohaa\mohaa.exe" = protocol=17 | dir=in | app=d:\mohaa\mohaa.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01078B88-2981-4F75-96B0-8B22E2D2DE03}" = Microsoft SQL Server 2008 R2 Setup (English) "{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 SP1 Common Files "{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer "{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 SP1 Common Files "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8909B8A7-CEAB-4772-BF29-1892C4E6603B}" = Microsoft SQL Server 2005 Backward compatibility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software "{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 SP1 Database Engine Shared "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 307.83 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 307.83 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files "{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 SP1 Database Engine Shared "{D8C23BDE-4748-44D9-A9DD-8AB64EB18BE3}" = Microsoft SQL Server 2008 R2 RsFx Driver "{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 SP1 Database Engine Services "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 SP1 Database Engine Services "CCleaner" = CCleaner "lvdrivers_12.10" = Pakiet sterowników: Logitech Webcam Software "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit) "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit) "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PDF Creator" = PDF Creator [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{21D0FABB-0006-472F-8918-9179DF431E2E}_is1" = Testy na prawo jazdy 2013 kat. B wersja 2.0 "{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51 "{2ABBBEA8-D801-46AA-9E27-C62EB2724494}_is1" = Testy B 5.0.3.23 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}" = Gothic II - Noc Kruka "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1" = Ashampoo Movie Studio v.1.0.13 "{91BA5476-8B26-49E4-84B2-9EFE10917B33}" = LogMeIn Hamachi "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup "{A56028FC-1F40-4369-9941-7AAAC6ACE924}" = LastChaosPoland "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI - Polish "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}" = Medal of Honor Allied Assault(tm) Spearhead "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Twierdza "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.188 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "avast" = avast! Free Antivirus "Battle.net" = Battle.net "DAEMON Tools Lite" = DAEMON Tools Lite "HDvid Codec V1" = HDvid Codec V1 "Hearthstone" = Hearthstone "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Medal of Honor" = Medal of Honor "Medal of Honor - Spearhead" = Medal of Honor - Spearhead "Mozilla Firefox 27.0.1 (x86 pl)" = Mozilla Firefox 27.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Picasa 3" = Picasa 3 "PowerISO" = PowerISO "Sąsiedzi z Piekła Rodem 2_is1" = Sąsiedzi z Pekła Rodem 2 - Na wakacjach "Sąsiedzi z Piekła Rodem_is1" = Sąsiedzi z Pekła Rodem - Słodka zemsta "WinRAR archiver" = WinRAR 4.20 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2954227110-2824576447-3551377607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "DSite" = Update for Image Editor "GG" = GG "Image Editor Packages" = Image Editor Packages "Image Editor Packages 29" = Image Editor Packages 29 "Minecraft Packages" = Minecraft Packages "PDF Writer Packages" = PDF Writer Packages "TeamSpeak 3 Client" = TeamSpeak 3 Client "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-03-03 03:47:12 | Computer Name = PC | Source = Windows Search Service | ID = 7042 Description = Error - 2014-03-03 03:47:12 | Computer Name = PC | Source = Windows Search Service | ID = 9002 Description = Error - 2014-03-03 03:47:12 | Computer Name = PC | Source = Windows Search Service | ID = 3029 Description = Error - 2014-03-03 03:47:15 | Computer Name = PC | Source = Windows Search Service | ID = 3029 Description = Error - 2014-03-03 03:47:15 | Computer Name = PC | Source = Windows Search Service | ID = 3028 Description = Error - 2014-03-03 03:47:15 | Computer Name = PC | Source = Windows Search Service | ID = 3058 Description = Error - 2014-03-03 03:47:15 | Computer Name = PC | Source = Windows Search Service | ID = 7010 Description = Error - 2014-03-03 03:57:41 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: LVPrcSrv.exe, wersja: 12.10.1110.0, sygnatura czasowa: 0x4acc50c4 Nazwa modułu powodującego błąd: LVPrcSrv.exe, wersja: 12.10.1110.0, sygnatura czasowa: 0x4acc50c4 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000007af2 Identyfikator procesu powodującego błąd: 0x60c Godzina uruchomienia aplikacji powodującej błąd: 0x01cf36b4659d1400 Ścieżka aplikacji powodującej błąd: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Ścieżka modułu powodującego błąd: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Identyfikator raportu: 7e3370c0-a2a9-11e3-8699-bc5ff4814492 Error - 2014-03-03 10:07:37 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Program FRST64.exe w wersji 3.3.10.2 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 22dc Godzina rozpoczęcia: 01cf36e8eb784ca0 Godzina zakończenia: 3 Ścieżka aplikacji: C:\Users\USER\Downloads\FRST64.exe Identyfikator raportu: Error - 2014-03-03 10:11:55 | Computer Name = PC | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.69.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1784 Godzina rozpoczęcia: 01cf36e7dde81ee0 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Users\USER\Downloads\OTL.exe Identyfikator raportu: [ Media Center Events ] Error - 2013-05-04 02:54:57 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 08:54:57 - Błąd podczas nawiązywania połączenia z Internetem. 08:54:57 - Nie można skontaktować się z serwerem.. Error - 2013-05-04 02:55:37 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 08:55:30 - Błąd podczas nawiązywania połączenia z Internetem. 08:55:30 - Nie można skontaktować się z serwerem.. Error - 2013-05-04 03:56:33 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 09:56:33 - Błąd podczas nawiązywania połączenia z Internetem. 09:56:33 - Nie można skontaktować się z serwerem.. Error - 2013-05-04 03:57:06 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 09:57:03 - Błąd podczas nawiązywania połączenia z Internetem. 09:57:03 - Nie można skontaktować się z serwerem.. Error - 2013-05-04 04:57:55 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 10:57:55 - Błąd podczas nawiązywania połączenia z Internetem. 10:57:55 - Nie można skontaktować się z serwerem.. Error - 2013-05-04 04:58:31 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 10:58:27 - Błąd podczas nawiązywania połączenia z Internetem. 10:58:27 - Nie można skontaktować się z serwerem.. Error - 2013-05-23 01:15:00 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 07:15:00 - Błąd podczas nawiązywania połączenia z Internetem. 07:15:00 - Nie można skontaktować się z serwerem.. Error - 2013-05-23 01:15:36 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 07:15:29 - Błąd podczas nawiązywania połączenia z Internetem. 07:15:29 - Nie można skontaktować się z serwerem.. Error - 2013-08-14 03:55:04 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 09:55:03 - Błąd podczas nawiązywania połączenia z Internetem. 09:55:04 - Nie można skontaktować się z serwerem.. Error - 2013-08-14 03:55:46 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = 09:55:36 - Błąd podczas nawiązywania połączenia z Internetem. 09:55:36 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 2014-03-03 03:44:25 | Computer Name = PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LVSrvLauncher z powodu następującego błędu: %%2 Error - 2014-03-03 03:45:03 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Net Driver HPZ12 zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2014-03-03 03:45:03 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Pml Driver HPZ12 zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2014-03-03 03:46:20 | Computer Name = PC | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą LogMeIn Hamachi Tunneling Engine. Error - 2014-03-03 03:46:20 | Computer Name = PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu następującego błędu: %%1053 Error - 2014-03-03 03:47:16 | Computer Name = PC | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error - 2014-03-03 03:47:16 | Computer Name = PC | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2014-03-03 03:48:53 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa HP Network Devices Support zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2014-03-03 03:57:46 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Process Monitor niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-03-03 17:48:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >