OTL Extras logfile created on: 2014-05-27 16:13:45 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Damian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,91 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 65,64% Memory free 7,83 Gb Paging File | 6,54 Gb Available in Paging File | 83,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 178,00 Gb Total Space | 118,25 Gb Free Space | 66,43% Space Free | Partition Type: NTFS Drive D: | 265,30 Gb Total Space | 163,41 Gb Free Space | 61,60% Space Free | Partition Type: NTFS Drive H: | 29,11 Gb Total Space | 20,35 Gb Free Space | 69,92% Space Free | Partition Type: NTFS Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-1405667913-2229257574-1355565730-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0DBC89FC-76E2-4B4F-9E4D-94B0417DDEB6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4823B170-786B-4E8C-A0D3-51BA66A0BF1B}" = rport=139 | protocol=6 | dir=out | app=system | "{5F3E5E46-F9AF-4D08-BA72-F34252DB1E43}" = rport=445 | protocol=6 | dir=out | app=system | "{82CDDE3C-F525-4AFF-A3A9-9B12EB47AB36}" = lport=137 | protocol=17 | dir=in | app=system | "{A8F87FD2-CB58-4AE8-BC6B-82A728575DE7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B1ADC4CE-856A-4784-9D8B-FB664484B487}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BD6C9512-993A-42E7-9C40-2E1CDD58C82A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C57FDBA0-8B46-48F9-9AAE-A91943D1C5AC}" = lport=138 | protocol=17 | dir=in | app=system | "{E32112B7-020A-4F74-89B4-1A303283F4BA}" = rport=137 | protocol=17 | dir=out | app=system | "{EC06B686-EDAD-463D-B8A2-59D44BF1C6EB}" = lport=139 | protocol=6 | dir=in | app=system | "{EC8D882C-0AE2-4C11-B337-8C4954689EE3}" = rport=138 | protocol=17 | dir=out | app=system | "{EEE7A819-EA41-40C3-89AF-1D8152E92275}" = lport=445 | protocol=6 | dir=in | app=system | "{EFF55FF9-FF0B-499B-BEE9-0B4EDCC92D85}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F7FCD997-C27B-4502-A7BA-7ADD8F2F2D89}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C56C0F8-6249-405F-90A9-E0C0C481C092}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{10B30E8D-A90C-4C8F-8D10-8E8665CA4BC4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{2573B559-AB24-4118-ADF0-296B2DBF28A4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{36443A03-06E4-42A7-8631-05DDC64E7A0A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{49723BE4-67D6-4979-AFC6-AAFE8646EEEA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{514266C6-193A-46B5-8672-0475BC295271}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{8234128C-EEA8-4786-9167-29207C9FF097}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{86A15B9B-AE6A-4C94-811F-66399E075AB4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{86DF01F1-AAAC-4D32-8858-4CAE80E5E0B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{8E1B9561-ABE4-47AC-9F32-CA659FEB7DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{94FE2E28-60AE-4A3E-923A-E2496CD7E7B5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{977C903C-2B71-460F-AC37-15BEA3D1AE89}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{A62F17F3-A349-4041-A39B-5CD63160AF25}" = dir=in | app=c:\users\damian\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{B1D611C2-1B68-435F-B308-75F116DE9B8C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{BBC42224-75CE-49BB-AC93-8CEFFC780AE9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{C4D5A5A2-0501-4AF4-96CF-F704650B2A19}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{CB53E593-D24D-4ED1-906F-013FF50CD545}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{D2ECC1AF-1527-4143-9A87-C646E7B9379E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DE5EA26E-23A6-4E3F-BE18-D458E31576EF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{E35AAE2E-6C58-4AF8-BB1D-4B34AF88F039}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{E7D3B7E6-BABF-4BD7-9629-2CBC6C9D189D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{F2199F6C-DF44-49B6-AEEA-48F42C6FA900}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{190425E7-80E5-43AF-8F88-51F17E67E839}C:\users\damian\appdata\local\id software\quakelive\quakelive.exe" = protocol=6 | dir=in | app=c:\users\damian\appdata\local\id software\quakelive\quakelive.exe | "TCP Query User{AECEE894-3794-4635-81B2-8641789B8C61}C:\users\damian\appdata\local\id software\quakelive\quakelive.exe" = protocol=6 | dir=in | app=c:\users\damian\appdata\local\id software\quakelive\quakelive.exe | "UDP Query User{3E959EB0-BC73-4E5E-87B6-AA7DC82E8765}C:\users\damian\appdata\local\id software\quakelive\quakelive.exe" = protocol=17 | dir=in | app=c:\users\damian\appdata\local\id software\quakelive\quakelive.exe | "UDP Query User{B64B35EB-124D-4234-91BE-CB943053776A}C:\users\damian\appdata\local\id software\quakelive\quakelive.exe" = protocol=17 | dir=in | app=c:\users\damian\appdata\local\id software\quakelive\quakelive.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{BC06BAEB-6D52-4D69-82EB-56CF1594C6A7}" = AVG 2014 "{CB21CD89-A4D3-4240-9AAA-55DCE7F3D076}" = AVG 2014 "AVG" = AVG 2014 "CCleaner" = CCleaner "WinRAR archiver" = WinRAR 5.00 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16 "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "Huawei E5372" = Huawei E5372 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "PLAY ONLINE" = PLAY ONLINE "Quake Live" = Quake Live "RealPlayer 16.0" = RealPlayer "Tibia_is1" = Tibia [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1405667913-2229257574-1355565730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-03-15 11:57:35 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-16 05:53:20 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-16 15:49:10 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-17 10:55:57 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-17 14:30:53 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-18 11:53:11 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-18 12:56:08 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-19 17:21:13 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-20 14:25:44 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-03-20 15:10:59 | Computer Name = Damian-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-05-15 13:23:21 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2014-05-15 13:49:19 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SpyHunter 4 Service z powodu następującego błędu: %%2 Error - 2014-05-15 13:49:27 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2014-05-15 13:49:27 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2014-05-16 10:24:09 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SpyHunter 4 Service z powodu następującego błędu: %%2 Error - 2014-05-16 10:24:18 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2014-05-16 10:24:18 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2014-05-16 10:34:54 | Computer Name = Damian-Komputer | Source = Microsoft Antimalware | ID = 2001 Description = Error - 2014-05-16 10:34:54 | Computer Name = Damian-Komputer | Source = Microsoft Antimalware | ID = 2001 Description = Error - 2014-05-17 07:15:39 | Computer Name = Damian-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SpyHunter 4 Service z powodu następującego błędu: %%2 < End of report >