OTL Extras logfile created on: 2014-06-28 13:29:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 0,32 Gb Available Physical Memory | 16,31% Memory free
3,98 Gb Paging File | 1,61 Gb Available in Paging File | 40,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 6,93 Gb Free Space | 7,10% Space Free | Partition Type: NTFS
Drive D: | 131,32 Gb Total Space | 20,99 Gb Free Space | 15,98% Space Free | Partition Type: NTFS
Drive E: | 3,91 Gb Total Space | 0,02 Gb Free Space | 0,63% Space Free | Partition Type: NTFS
Drive G: | 8,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-879877796-3902743073-753729608-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{157A93AE-8A73-4C74-8F11-3FA8DC50A017}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1D0B1A73-88A4-4FB2-87DD-FFF494955BFB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{210302FA-F223-4D9B-88BF-D64C7CE3C6EF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2B746804-50F6-4561-A6CF-8FD296707962}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2BE9EF78-099B-43FE-A013-7DDB2D354CF2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{2CD8CD74-CDF1-407C-A26F-7F46ABFA78E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{51FBD8C1-CC01-4A4F-8786-19157D5B0682}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{52DD06A1-3D5F-4E8A-B716-731CF100894F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6EEA236F-9B95-4F1C-A920-34D387E37850}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7F8A3311-3CAA-493C-BEC0-C169BDEFE99B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{85A0C3ED-46F0-49C0-9A0F-AEECF0C70F4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8903D7C9-DB24-4EA4-A497-1C465CFCB325}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{91C187F7-74CE-4B0D-8934-2E6627171FBD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9B857677-9BB1-4C78-9C75-E201939D3709}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9F62CE2D-5977-4D6F-A313-4ECE1EB9B4ED}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A08AFF22-919F-44E9-A5E3-CD88F844DAB8}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A3BB9F98-4DD1-4DD3-93F1-E30CE9BD3177}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A634F6F2-D270-41A4-B747-2438B3A2ED13}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A6D5B9F6-C667-4C5D-B618-D5AA6C6A0316}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AB3172D3-9A37-451D-A478-1E650AD0C638}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B74D05E9-8A9F-4156-8AEF-B9F2F4ADD8F2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E72E4525-85C4-427C-8288-EA168F20F260}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F70BFACC-81D0-42B3-A085-0A0687EEF16A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F942E912-29EE-4B5C-B276-66EF9CD92430}" = lport=138 | protocol=17 | dir=in | app=system | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3100FEA0-7B3D-4803-B5B9-2E941FC33713}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4CDD002F-5D8C-403C-A146-103E953FE6E5}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{4E68E64A-A78F-409C-86F7-D289BB9922CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4F44431A-F10B-4229-ACFC-EF97BAD3CC60}" = protocol=17 | dir=in | app=d:\steam\steam.exe | 
"{50550E53-3D3A-4F89-8065-CA9F9B0A1E1F}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srfeature.exe | 
"{520193DC-04F3-4480-BE5E-87B15BC9046D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{63E2FDA2-B401-4080-AEA8-BDA26AF0DA7B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{719965A5-5C87-48BB-8D29-CD23577CCE20}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7C36188E-BE8C-4AD5-864F-1D8681DEFC94}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe | 
"{7D569C2D-2D3F-45AE-AD8F-EC60E5E96C5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7F9E3341-541F-49DF-BD65-B7B29E3E6A0A}" = protocol=6 | dir=in | app=d:\steam\steam.exe | 
"{94AA1CDE-BDD2-48DE-8612-568297530D6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{97499305-393C-46A1-88EF-DF2716F965FA}" = protocol=6 | dir=out | app=system | 
"{A822F283-BCBE-4A7C-BEE9-381B72BD36DD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AC6EEDA6-C86B-4FE3-A556-7605C8700D7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ACBAC9EA-1727-4C8F-9D5B-60BE9CAEC8DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACCD8043-47AF-42DF-8892-F48071A9C786}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B28F7777-2706-40B2-A01F-11D1DC0BE266}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B2B1979E-94BF-4BB2-8FA0-C77AD5B0DB1D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B8C317B5-1A15-440A-BD7E-98851E21179A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{BC56A7A0-C648-41B1-B1A4-F2CF39EA50CA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{C2EB1AB6-B5B4-4277-9161-D5F04D8343D7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe | 
"{CED60108-0BBD-4E04-B4E0-8BC6C28A3D60}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\dataproxy.exe | 
"{DF36D4BA-5908-4C3F-8950-A982435D0ED0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe | 
"{DFC0190A-585B-4A8B-B91F-EA86CE28733A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E0E8A298-F08C-4EF8-8173-6866594ECEC5}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srserver.exe | 
"{E23BA0F3-E331-4AAD-8A1F-1CFB1EFFC280}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{EA98DE76-7EA7-4D1C-B952-C96D3C00B853}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ED0734A5-D76F-4F4E-8EE0-250AA793D03E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{11E1A905-32DC-4E50-A754-AF5A66A99DB7}D:\program files\strogino cs portal\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\program files\strogino cs portal\counter-strike global offensive\csgo.exe | 
"UDP Query User{68041263-36DA-4F0B-8A64-DBBEC9F33D67}D:\program files\strogino cs portal\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\program files\strogino cs portal\counter-strike global offensive\csgo.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421045}" = Nero 7 Premium
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{BD051FE3-1575-4CD6-81ED-E905FA94720B}_is1" = Counter-Strike Global Offensive wersja 1.32.6.0
"{DE5BE262-C5E7-49B2-A673-56A3E2522F06}" = Angry Birds Breakfast 1
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.69.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Razer Game Booster_is1" = Razer Game Booster
"Revo Uninstaller" = Revo Uninstaller 1.95
"Splashtop Software Updater" = Splashtop Software Updater
"Steam" = Steam
"Steam App 440" = Team Fortress 2
"The Witcher Enhanced Edition Director's Cut_is1" = The Witcher Enhanced Edition Director's Cut
"TVWiz" = Intel(R) TV Wizard
"WinRAR archiver" = WinRAR 5.01 (32-bitowy)
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-879877796-3902743073-753729608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2014-06-24 13:33:10 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-25 03:25:53 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-26 03:56:52 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-26 12:30:02 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-27 05:56:46 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-27 10:50:15 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-27 14:17:08 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-27 14:20:13 | Computer Name = User-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-06-27 14:26:10 | Computer Name = User-Komputer | Source = VSS | ID = 8194
Description = 
 
Error - 2014-06-28 07:13:39 | Computer Name = User-Komputer | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Nie można zamknąć aplikacji lub usługi IPC logging process.
 
[ System Events ]
Error - 2014-06-25 03:24:56 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
 z usługą Windows Search.
 
Error - 2014-06-25 03:24:56 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu:
   %%1053
 
Error - 2014-06-26 03:55:27 | Computer Name = User-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 17:55:11 na ?2014-?06-?25 było 
nieoczekiwane.
 
Error - 2014-06-26 07:21:28 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
 z usługi SplashtopRemoteService.
 
Error - 2014-06-26 12:27:27 | Computer Name = User-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:26:35 na ?2014-?06-?26 było 
nieoczekiwane.
 
Error - 2014-06-27 02:59:51 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
 z usługi ShellHWDetection.
 
Error - 2014-06-27 05:55:30 | Computer Name = User-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 11:22:19 na ?2014-?06-?27 było 
nieoczekiwane.
 
Error - 2014-06-27 10:49:28 | Computer Name = User-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:29:08 na ?2014-?06-?27 było 
nieoczekiwane.
 
Error - 2014-06-27 14:15:42 | Computer Name = User-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 17:13:21 na ?2014-?06-?27 było 
nieoczekiwane.
 
Error - 2014-06-27 23:34:04 | Computer Name = User-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
 z usługi SplashtopRemoteService.
 
 
< End of report >