OTL Extras logfile created on: 2014-04-08 17:31:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Domunuta\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16521) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 28,24% Memory free 5,93 Gb Paging File | 3,45 Gb Available in Paging File | 58,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,09 Gb Total Space | 35,65 Gb Free Space | 25,09% Space Free | Partition Type: NTFS Drive D: | 143,00 Gb Total Space | 12,42 Gb Free Space | 8,69% Space Free | Partition Type: NTFS Drive F: | 7,39 Gb Total Space | 3,86 Gb Free Space | 52,23% Space Free | Partition Type: FAT32 Computer Name: COMPUTER | User Name: Domunuta | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software) [HKEY_USERS\S-1-5-21-3867551667-1530956314-2525137787-1001\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{012AC47D-C314-421E-B578-B11CFBDC320C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{142B247E-906C-4DA6-B97B-BA8835991AFE}" = rport=445 | protocol=6 | dir=out | app=system | "{19656329-8566-4B67-9075-731DF3369677}" = lport=2869 | protocol=6 | dir=in | app=system | "{440416C3-CC0C-4C46-8031-C88C85281D74}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{59B0B2B6-76CF-4A82-9859-EE613F9EDC7B}" = lport=10243 | protocol=6 | dir=in | app=system | "{6A4C96BC-F581-4204-93C1-79854D34BCF3}" = rport=138 | protocol=17 | dir=out | app=system | "{6B9EB301-D733-42BE-B0F6-3CAC79B4DE28}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6D8577CB-795F-4CB3-A0A6-A072BD06744C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7CBF096D-1B1D-4C54-B285-C44219A8E283}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{85432039-3DA5-44E8-9F59-8B17B7D6CFD0}" = lport=138 | protocol=17 | dir=in | app=system | "{86DC80F2-CC8B-4DAF-8A54-D65D6AE8862F}" = rport=139 | protocol=6 | dir=out | app=system | "{8A4E8B00-ED0C-4E7D-95C6-90BC28332B2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{8FF25C14-3321-4E23-AE36-381BF4BFF707}" = lport=139 | protocol=6 | dir=in | app=system | "{9E7F44CE-5414-4B95-BC93-714AD34DCDF0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AF7EE542-3D92-493F-8794-4DBBBECD4DE5}" = lport=137 | protocol=17 | dir=in | app=system | "{BA1F55ED-32A5-462D-9DFE-5A78D5A0ABF2}" = lport=445 | protocol=6 | dir=in | app=system | "{D806757A-BE05-4DAA-8F70-FF51D0C1F093}" = rport=137 | protocol=17 | dir=out | app=system | "{DCD59977-C484-4B0C-BEB6-5FF10CFFD73A}" = rport=10243 | protocol=6 | dir=out | app=system | "{EA8E63C8-AE00-46E8-AA8B-3C162C37F225}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EBA8C24A-3927-44D2-AB2F-BC03E16C3151}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FCD5B545-C00D-4F68-ADCD-0118D6CDA1B4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{053198CF-E826-4D8E-962C-873BEA059DF1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0BE82968-EAFB-43E7-A798-6383DCF027C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0DCC743A-CFA0-42A9-85B1-B34F294785C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{216E7D9C-23A5-499F-81B4-3CF0882A3399}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{272DA51F-7334-43CA-AEF7-DEE550F1F796}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "{29EB4664-4A3B-4F73-9EA6-1E92789FA75F}" = protocol=6 | dir=out | app=system | "{31F05CB8-E7D5-4F95-B496-2CCF4B05DA8F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3F28FA7E-2E29-47E5-9B08-14E53B2C7EC9}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe | "{4608201A-3309-4CC4-960E-8AA7EA37BC83}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{560BFA5B-E95A-4468-AAA3-136F2FC5B468}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{62B28D8A-009B-4599-B034-C178C967D506}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{69075E21-344F-4816-A452-1098E7B201B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6E6FE22C-0B1C-4E1B-9C97-EBAFB0C5CD65}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{6FF1CDEA-A9C6-4832-9D24-27554A19E64B}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{742770C9-386A-4149-9FF7-A2D6B740A897}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{758655F0-5037-4A6A-95A2-3EEA4409483C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{9594BB95-CBBF-4B22-A015-8F2209BB3D6D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{97BB4019-B590-46B9-9F0C-E1980396FEF7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9F0463B9-5268-4A7D-AA5F-99862CC2CEBE}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "{B5712C5E-3F1F-4F21-8282-755626910C02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B6D0F858-4CA8-41B5-BF64-FFAA07419E6A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE58A6A4-19C5-4F88-B7D6-01D199A9875C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C2CED104-1705-4BBF-8177-8D69AA926316}" = dir=in | app=c:\users\domunuta\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{C39FD1ED-86F1-4999-A3A3-86668897950C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C8C43C69-AAD8-496E-91FC-12196C837263}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C8D74793-097D-4D4B-BAC5-1233A299A465}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CCDEC8FA-61A3-43BA-9620-EBC56CAB00FF}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{FD97D494-A48A-405B-8F47-9E1ADA742223}" = protocol=6 | dir=in | app=c:\program files\gameforgelive\gfl_client.exe | "TCP Query User{20C296A1-0099-4A28-86DC-73A08A69C623}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "TCP Query User{300E4890-6FE2-4DE1-A428-764E5BEF3AA1}D:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\program files\counter-strike 1.6\hl.exe | "TCP Query User{427E2061-2EC6-47E4-9BBC-A02AB20BBAC6}C:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe | "TCP Query User{49D522FC-FA73-4E7B-98CB-55235C7AE7F0}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{106676B2-B34B-4000-A7E7-77DDF1CB40BF}D:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\program files\counter-strike 1.6\hl.exe | "UDP Query User{1703B49D-281E-4115-B828-1D36A1A2522F}C:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe | "UDP Query User{B622BD28-837D-4727-BE6B-92DA346FB344}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "UDP Query User{E382990F-B9F2-4DD2-9D9B-9ABA3036AADB}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{3BDEE284-1516-40E8-B784-00FEBE1B1045}" = Nero 7 Essentials "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.0 "Baby Genius" "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Polish "{B239B43B-3E99-40B0-80BF-1B1BCA868D4E}_is1" = Podatnik.info PIT pro 2013 wersja 2.0.15.26451 "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Zwierzaki "{C83B8B35-C2C4-3302-9A6E-C2AF1A59E8D6}" = Microsoft .NET Framework 4.5.1 (PLK) "{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FB83467F-D8EB-43E6-8B3D-860B045C1C52}" = Overwolf "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "Avast" = avast! Free Antivirus "BitComet" = BitComet 1.36 "Bonanza Deals" = Bonanza Deals (remove only) "ConvertAd" = ConvertAd "Counter-Strike 1.6 Full" = Counter-Strike 1.6 Full v48 "DefaultTab" = DefaultTab "delta" = Delta toolbar "Delta Chrome Toolbar" = Delta Chrome Toolbar "Google Chrome" = Google Chrome "Inkscape" = Inkscape 0.48.4 "LinkSwift" = LinkSwift 3.0.0 "McAfee Security Scan" = McAfee Security Scan Plus "Minecraft1.7.2" = Minecraft1.7.2 "Mobogenie" = Mobogenie "Mozilla Firefox 28.0 (x86 pl)" = Mozilla Firefox 28.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NSS" = Norton Security Scan "Opera 18.0.1284.49" = Opera Stable 18.0.1284.49 "Origin" = Origin "PhotoScape" = PhotoScape "qone8 Browser Protecter" = qone8 Browser Protecter "RealPlayer 16.0" = RealPlayer "TeamSpeak 3 Client" = TeamSpeak 3 Client "TinyDM" = Tiny Download Manager (remove only) "Winamp" = Winamp "WinRAR archiver" = WinRAR 5.00 (32-bit) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3867551667-1530956314-2525137787-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "PhotoFiltre 7" = PhotoFiltre 7 "Softonic for Windows" = Softonic for Windows "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = Error - 2013-12-28 21:44:10 | Computer Name = Computer | Source = Rejestrator dźwięku | ID = 65535 Description = [ System Events ] Error - 2014-04-08 00:59:28 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-04-08 01:03:22 | Computer Name = Computer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 07:00:21 na ?2014-?04-?08 było nieoczekiwane. Error - 2014-04-08 01:03:21 | Computer Name = Computer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-04-08 01:03:21 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-04-08 01:03:29 | Computer Name = Computer | Source = BugCheck | ID = 1001 Description = Error - 2014-04-08 02:07:01 | Computer Name = Computer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-04-08 02:07:01 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-04-08 08:40:23 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-04-08 09:36:38 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-04-08 10:37:38 | Computer Name = Computer | Source = atikmdag | ID = 43029 Description = Display is not active < End of report >