OTL Extras logfile created on: 2012-07-21 16:40:07 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Dzeton\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 72,05% Memory free 7,96 Gb Paging File | 6,59 Gb Available in Paging File | 82,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116,58 Gb Total Space | 99,44 Gb Free Space | 85,30% Space Free | Partition Type: NTFS Computer Name: DZETON-KOMPUTER | User Name: Dzeton | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-4034871919-1706968113-3139842641-1000\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F89C438-DAB8-44C7-AB19-D577AC906F26}" = lport=10243 | protocol=6 | dir=in | app=system | "{343DD404-9992-4E21-9267-640DEFABD23E}" = rport=445 | protocol=6 | dir=out | app=system | "{3620AA09-0377-4671-8DC3-F6E481A34168}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3CD4CA90-6179-4992-8270-56D8D87C6CA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{47C48F79-8410-4334-9EB3-2B9D23E0A735}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{648219C3-D551-4BB3-A732-FBF71A3E03F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{76507861-6CE2-40D5-ACD3-96DD1C025ECD}" = rport=139 | protocol=6 | dir=out | app=system | "{7F87F16E-3737-4F17-B528-EAC712FD05AC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8D6AD38A-A719-4DCB-848B-109211DCE8E6}" = lport=137 | protocol=17 | dir=in | app=system | "{9087F047-8C2C-4668-BA6F-E777F4EFDEEC}" = rport=10243 | protocol=6 | dir=out | app=system | "{9384AA5F-031D-4D65-A527-36CD54B9DF10}" = lport=445 | protocol=6 | dir=in | app=system | "{A3F33D4F-BC66-46C4-8FE0-2B50640C2371}" = rport=137 | protocol=17 | dir=out | app=system | "{A87B820A-6512-4E99-856A-0ADE5DC067FD}" = lport=138 | protocol=17 | dir=in | app=system | "{B63A3D15-A4B0-4D3C-9F69-B575ACEBA0A2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CE549C40-A027-4F23-BAC9-5E80072DA82E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D99FD9A8-611B-48F4-BDC4-9805C2795E39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E19F76C2-C32F-439A-AD30-B60427B70890}" = lport=139 | protocol=6 | dir=in | app=system | "{E8EC6644-5B10-4C01-83D1-6A4DBBEFB3DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EAD2C375-BBB4-43A9-A137-FD86672A4ACC}" = lport=2869 | protocol=6 | dir=in | app=system | "{F6E8953D-833D-49C5-9541-E14A1CFE251D}" = rport=138 | protocol=17 | dir=out | app=system | "{F7F6D04D-38A7-432A-A01E-35A01B132CF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06932751-30EA-4738-A27F-B511D42F8E62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0A229202-8096-41F4-82C8-F9C4FB2E6772}" = protocol=6 | dir=out | app=system | "{13A7ADB7-0F6D-44F0-9A26-5BFBC5047EA8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{14969B54-FFA8-4A41-B452-06FE17748FB5}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{41EC97E5-DFF5-4F83-A14B-F5006AA64F7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4538806E-4EC3-4406-A876-D5F35EB04182}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{50276F0A-A019-4B29-89B4-E4E01B4C4E71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5539534C-5E07-4E57-B788-59F1F1725741}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6FA25E8B-D6DA-4C60-AAF3-56DCA562065B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{79EAF347-B5F9-4680-8F26-62FDD97F0C18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{83BD7636-12CB-4970-89ED-6B6D7B366AF7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9131D241-A450-4CC8-B186-BF187F484422}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{97AA1066-1892-4B6B-9098-89B548DA222D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9E4B8307-5003-471C-81ED-6AA02F866FFD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{9EFD2BCB-8A1B-4DB2-88B7-E3ACBAED1727}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A985D0F2-9789-47DE-9EE8-EB8CC6323959}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B720CDF8-2E9D-4E92-9360-6845F4978DDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B80A058D-AB80-4634-B336-26CD1E65B0D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D085F4E3-44C6-434C-A913-35C99961BE31}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EB874ED7-2B2D-415D-89F6-D3C78B385F5A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F20DC508-1B25-4ADE-BD68-73DF54F53E9B}" = protocol=58 | dir=in | app=system | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{23B01E31-9CBC-53FD-72F4-5CF437DA676F}" = ccc-utility64 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{541D3A3F-1FFC-9EB6-6C77-75809AAB87AE}" = ATI Catalyst Install Manager "{D7B3B493-7B68-28CE-5931-89A5125C45D3}" = ATI AVIVO64 Codecs "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E9FC036A-5DAB-831D-753B-BD638BA56AFF}" = AMD Media Foundation Decoders "{E9FEA3E7-500C-5E1A-046C-C691EF13FD56}" = AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{006D931C-AD2E-A65F-51E2-AE3FB83CB235}" = CCC Help Hungarian "{0654C311-8162-C6D9-6ABB-A113954E1089}" = CCC Help Russian "{0E14836D-D591-99A5-C466-A6401F086053}" = CCC Help Korean "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{2381D00F-49DF-4C8E-4B4A-CA9781DF2683}" = CCC Help Chinese Standard "{291447FE-2099-FBAF-CD15-43B98191B097}" = CCC Help English "{2F66385D-D2CA-A0D3-EDF3-F71066605A01}" = CCC Help Norwegian "{31CA2FC8-BBCC-A59C-3211-345EF6EDCCE1}" = HydraVision "{3377D18C-4EE2-602A-E7B7-48CBEBF6987E}" = CCC Help Japanese "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II "{3CFB128F-2E73-7CB3-A2B4-6DE6C70BF1E6}" = Catalyst Control Center InstallProxy "{3FF61E5F-7154-3D7D-369D-75020821C7CC}" = CCC Help Dutch "{4AD8CCBE-837C-5313-2949-11AA3AFCF96D}" = CCC Help Czech "{4FD0B0CE-BEEE-C3B6-A3B7-6D0A72CA8A6A}" = CCC Help Greek "{5B100086-71B6-10B4-0F46-9E637828AFCD}" = CCC Help Portuguese "{5B7A1368-AC06-5C3F-BB0D-B2334F565F66}" = CCC Help Swedish "{5C2FD960-1544-293D-6DC0-17E57B35298E}" = CCC Help Finnish "{5F7CCC36-9B1A-888D-03EE-4EED0D194505}" = Catalyst Control Center Graphics Previews Common "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{72B56E98-B4F8-D665-D451-2CB8CFB8AF2C}" = Catalyst Control Center "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{924C77DE-4C69-FC11-1835-8BD7E65FE2B5}" = CCC Help Polish "{98722C60-1CA9-BE00-D1A6-BEF7F09E4B0F}" = CCC Help Italian "{9E3301DE-169A-E81D-04DE-38F150AF4A8E}" = Catalyst Control Center Localization All "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{C2969BE7-1388-28D7-972D-2853D3D9B5A1}" = CCC Help Thai "{C7461496-595D-E1F0-D0BF-549B0AAE00A7}" = CCC Help French "{E44DAB74-22FC-1B73-0AFC-A530151BF0C6}" = CCC Help Turkish "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E6170043-7909-2B51-919E-CCD74C3A06DA}" = CCC Help Spanish "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F51288D5-3735-1DC9-2277-2FC062860216}" = CCC Help German "{F60C2F03-9B0F-FE3F-4F82-8453BAC8103B}" = CCC Help Chinese Traditional "{F9D3A337-A663-7008-9190-21F22EA5B18B}" = CCC Help Danish "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ System Events ] Error - 2012-07-21 10:23:40 | Computer Name = Dzeton-Komputer | Source = DCOM | ID = 10010 Description = < End of report >