OTL Extras logfile created on: 2014-03-06 19:37:49 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 69,31% Memory free 7,99 Gb Paging File | 6,66 Gb Available in Paging File | 83,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227,98 Gb Total Space | 186,58 Gb Free Space | 81,84% Space Free | Partition Type: NTFS Drive D: | 224,79 Gb Total Space | 183,60 Gb Free Space | 81,68% Space Free | Partition Type: NTFS Drive E: | 12,79 Gb Total Space | 2,14 Gb Free Space | 16,72% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{18513940-87AB-4E6E-9EF8-6094F7F92397}" = lport=138 | protocol=17 | dir=in | app=system | "{1BD845E5-022A-4A8E-AE11-41EEF3E7451E}" = rport=139 | protocol=6 | dir=out | app=system | "{3AEBA5A9-1BB6-44D6-8983-FD74B518A285}" = lport=445 | protocol=6 | dir=in | app=system | "{409013B3-4841-486F-BC14-024A9AD61C0F}" = rport=137 | protocol=17 | dir=out | app=system | "{574EF398-62F8-43E0-8C9C-585F557041BD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5A26DFE8-2632-4B4D-9F23-25F12732DE38}" = lport=139 | protocol=6 | dir=in | app=system | "{6776D2D2-5369-4E3C-99C6-B75303E1E9F7}" = rport=10243 | protocol=6 | dir=out | app=system | "{76C4DBD0-FE91-47E0-BDA6-8DD2B3AC6E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7BF556F0-F093-4321-AD4E-F5095F2D0783}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7E5E4396-F3E9-4CB7-8070-06187FA6FEEF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{94E4C0BC-63A5-4F4A-92F7-939DFFB366F5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{971A98AA-5286-446A-A6C7-B0F63A63F2B7}" = lport=137 | protocol=17 | dir=in | app=system | "{A4917FD9-D1D1-4D06-83A6-27F0A026A3D5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A9034C67-F3C7-467D-BCDE-1E3DE29831D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A9E532F8-3483-40DD-9AAC-111CECA20E1A}" = rport=445 | protocol=6 | dir=out | app=system | "{AA95B411-9B25-4ED5-8A94-FA4B49D6092A}" = lport=2869 | protocol=6 | dir=in | app=system | "{CFD54F92-CA05-45F5-A2BF-7264573BBF17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E32C8AC7-F524-4609-B812-E7BF55659D8A}" = lport=10243 | protocol=6 | dir=in | app=system | "{E37FF4B6-B0E1-46B0-9BF6-9C86EAFF9517}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EED8BE5E-62E1-477D-A307-F6437DB373B9}" = rport=138 | protocol=17 | dir=out | app=system | "{F83FEF48-FEA3-41BC-9774-A360B65A47DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{182103F0-A7ED-4D5A-AE7A-5ADD2671B38F}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{21E722E8-A2F3-4F86-ABE2-9F88276F86FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2D659038-FD7B-4D7F-B7E7-56C0FDD05357}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2F349B41-11D1-4D59-A6DE-F2EA54B24FE7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{308F5EE5-4D95-44F1-8A2C-248DE3CF0016}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | "{62554048-188C-4570-B955-354908C4A0DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A60450F-1C85-4876-AA67-EC435B49A8D0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{74B889B1-11CF-47F2-ACF7-0B7C06971C25}" = protocol=17 | dir=in | app=c:\users\user\downloads\utorrent.exe | "{7711CA26-C4F3-4A31-AE7C-33C0172C2FD3}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe | "{78BC8A99-5C67-413B-9E36-540B5861DB2E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7F5627D2-6DCA-4E79-B85D-26DAE998E6A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{87CF4D72-427F-43A9-AE2A-74C862221782}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8AB42ADE-EC10-4E08-9ED6-5A2112643F03}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8B158684-22AB-4C79-8753-7BF269388892}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8EC54B52-B74C-461C-8A04-72FDF904EB52}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9031995B-A3B8-4119-BCAF-579F2F650192}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9E6C042E-07D7-436B-9D25-8AFE4B9C9101}" = protocol=6 | dir=out | app=system | "{A1BFF5C0-E048-48B5-A3AC-E2AAE402383E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AA83C051-0E7B-43F7-B8E7-83E68822559C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B3EE48D9-CB0C-47C0-83A4-298F8A008F31}" = protocol=6 | dir=in | app=c:\users\user\downloads\utorrent.exe | "{C1A99AF8-7A71-4409-AF96-8D272F913479}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C50AC482-9021-49CE-8411-76DB5F92844A}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | "{E124027E-5664-4B1A-9AD6-EF98AA8F30E3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F4BFDD1E-E9F8-4A8A-89B8-6102D6E32FB7}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe | "{F6620187-2BCF-4FA0-816F-A247F46059B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FA0D5D12-81B9-478E-A17D-2E717EE243E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FB59BB1E-9128-484C-812A-C3781B59A872}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9) "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300 "Mozilla Firefox 27.0.1 (x86 pl)" = Mozilla Firefox 27.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoScape" = PhotoScape "PhotoToolkit_is1" = Photo! Editor 1.1 "WinRAR archiver" = WinRAR 5.01 (32-bitowy) "World of Warcraft" = World of Warcraft [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-02-28 03:39:58 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-28 15:01:49 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-01 03:52:42 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-02 12:01:08 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-03 04:56:14 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-04 23:35:17 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-05 15:25:57 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-06 05:57:45 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-06 13:36:32 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-06 14:11:53 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-03-05 17:32:50 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-05 22:05:41 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-06 00:11:26 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-06 05:55:57 | Computer Name = User-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-06 05:55:57 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-06 08:41:13 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-06 13:34:45 | Computer Name = User-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-06 13:34:45 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-06 14:10:05 | Computer Name = User-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-06 14:10:05 | Computer Name = User-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active < End of report >