OTL Extras logfile created on: 2013-05-15 15:04:21 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adrian\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 40,34% Memory free 4,00 Gb Paging File | 2,67 Gb Available in Paging File | 66,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 53,71 Gb Total Space | 23,40 Gb Free Space | 43,57% Space Free | Partition Type: NTFS Drive D: | 412,04 Gb Total Space | 136,30 Gb Free Space | 33,08% Space Free | Partition Type: NTFS Computer Name: ADRIAN | User Name: Adrian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1644617884-16204230-2921145980-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{004DC596-580B-429C-B785-6DF204C87B2F}" = rport=445 | protocol=6 | dir=out | app=system | "{1D3E699B-A09D-4EB4-BC88-8EF07FBF2C68}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2130C3D3-3370-4BAA-8574-A9C4C5451766}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2CE3A8FA-5544-4728-A1EA-233D9BFEF6F4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3A0B6093-6951-4F10-95CD-7946064F9222}" = rport=137 | protocol=17 | dir=out | app=system | "{4D5F494B-BBEF-4EF9-8BA4-3EADB7BD97AC}" = rport=139 | protocol=6 | dir=out | app=system | "{56B0BC5D-41A7-45C0-9F7A-9BF8C7179EB5}" = lport=445 | protocol=6 | dir=in | app=system | "{7E07AAE9-1992-466D-AC6A-373DF08D7C9B}" = lport=138 | protocol=17 | dir=in | app=system | "{9536C15E-47F0-4B67-8D27-0CBD504151BC}" = rport=138 | protocol=17 | dir=out | app=system | "{97FE7AAE-32C0-4622-AC77-0DFC23B3B444}" = lport=139 | protocol=6 | dir=in | app=system | "{9B12CF6A-076F-4890-8410-3687CC5FBE28}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E78F33AC-B6C9-4752-9C1C-C2805A8B5359}" = lport=137 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{037622EA-15CD-4385-A967-E72137E57169}" = protocol=6 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\farcry3_d3d11.exe | "{246996B8-B4A3-4634-BB5B-6763EFAB8DC2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2F3E3A7D-D4B0-48C2-9B4A-ACD2D77E1B6E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3234762B-1EF3-4BA1-98BF-278627135F48}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{508581DF-490E-4D59-BDA8-A30743BBCC21}" = protocol=17 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\farcry3.exe | "{537DA2FC-9982-4E8C-A7F8-9B4E3D83E1BC}" = protocol=17 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\farcry3_d3d11.exe | "{62A47164-005D-4352-807D-28D7698ACD2C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{6712172C-E74D-445C-AA0C-35BB2F6A724F}" = protocol=6 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\fc3editor.exe | "{7B937769-4714-4C58-8683-8ECD0A2F9B6B}" = protocol=17 | dir=in | app=d:\fifa 13\rld-fifa13\heheheheheheehehehe\ja se gimbus\fifa 13\game\fifa13.exe | "{8762F176-C3BF-4ACE-B4AD-F607126B2738}" = protocol=6 | dir=in | app=d:\fifa 13\rld-fifa13\heheheheheheehehehe\ja se gimbus\fifa 13\game\fifa13.exe | "{8EE98962-B795-4B9E-8942-BAD12321E34F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{99E5B061-C4F0-414D-88FA-62F63F66ACFA}" = protocol=6 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\farcry3.exe | "{9D869785-DC71-4769-BDC9-A297A314F209}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{B4817AB3-5507-43B6-80ED-2AE9D7C53162}" = protocol=17 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe | "{B53FF5EC-3BCC-482A-B102-77FD394D82BE}" = protocol=6 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe | "{CAF492DE-8976-4F19-90C4-5F344A804D26}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{E2761227-A056-43DA-9D79-AF8D9F817205}" = protocol=17 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\fc3updater.exe | "{E3BED962-FFAC-4A9C-A11C-A5505EB7502E}" = protocol=6 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\fc3updater.exe | "{F2B9D8AE-2192-45C2-B7EE-71DF68B1B51F}" = protocol=17 | dir=in | app=d:\b.r.o\far.cry.3-reloaded\far crajek\bin\fc3editor.exe | "{FAA5B219-1F5A-4920-B505-B540713DDA96}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FB629027-DB47-4410-BA60-2ABC47E0300A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "TCP Query User{DA2A8329-AC9A-4C61-8B1A-225DB88F180B}D:\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\gadu-gadu 10\gg.exe | "TCP Query User{E9617F9A-2208-460F-9189-E9D57FAF0D9B}D:\urodzinymamnikomuichniedam\pes2013.exe" = protocol=6 | dir=in | app=d:\urodzinymamnikomuichniedam\pes2013.exe | "UDP Query User{73124F97-A662-4A1A-A6FE-485F86005E8F}D:\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\gadu-gadu 10\gg.exe | "UDP Query User{A0C11EEE-50AE-49AD-B744-A42C59A5C026}D:\urodzinymamnikomuichniedam\pes2013.exe" = protocol=17 | dir=in | app=d:\urodzinymamnikomuichniedam\pes2013.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "Airytec Switch Off" = Airytec Switch Off "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "WinRAR archiver" = WinRAR 4.20 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = USB Vibration Joystick "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{61A994FF-D39B-4937-9DB9-87EC4E91B316}" = USB GAMEPAD "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013 "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "AbiWord2" = AbiWord 2.8.6 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.9.0 "Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PunkBusterSvc" = PunkBuster Services "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. < End of report >