OTL Extras logfile created on: 2012-09-11 00:08:35 - Run 1 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Pawel\Downloads 64bit- Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,99 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 61,37% Memory free 7,99 Gb Paging File | 6,35 Gb Available in Paging File | 79,48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,31 Gb Total Space | 164,18 Gb Free Space | 84,06% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 175,90 Gb Free Space | 65,04% Space Free | Partition Type: NTFS Drive F: | 8,42 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: PAWEL-KOMPUTER | User Name: Pawel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [openNew] -- explorer %1 (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [openNew] -- explorer %1 (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0403260E-9663-4E1A-8F0B-DBFDF804F4DF}" = lport=445 | protocol=6 | dir=in | app=system | "{08EB85C9-AE0C-4928-97D2-A344166AB394}" = lport=12007 | protocol=6 | dir=in | name=bitcomet 12007 tcp | "{14EBEE9F-3019-4378-962E-7AE4482E5A15}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1BB0D70A-1E7C-4E4C-B7EB-FCA3FDEE8204}" = lport=139 | protocol=6 | dir=in | app=system | "{2ABEC8F5-29FC-4D19-8823-D15B7C620B36}" = lport=138 | protocol=17 | dir=in | app=system | "{4B6180F3-AF9B-4079-8E96-D73264C75030}" = rport=138 | protocol=17 | dir=out | app=system | "{7A6A3E6F-15DF-4E97-A9C0-9722A67E67A4}" = rport=445 | protocol=6 | dir=out | app=system | "{82A769B6-EE7C-421B-8F16-33ED9546D33E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{89AB7A65-0553-4F67-80C1-B2B8DC896463}" = lport=12007 | protocol=17 | dir=in | name=bitcomet 12007 udp | "{A0AE73E7-3718-4417-B7DF-E14E2115BFB5}" = lport=137 | protocol=17 | dir=in | app=system | "{C8448332-B631-4BE1-A18D-26B0D3F2F2B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CF6C27D0-BF97-4B17-8643-EE153EE98395}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F02743DD-6CB1-4E75-99C8-C13D57F7D0E7}" = rport=139 | protocol=6 | dir=out | app=system | "{F50F6C1F-BFEE-483F-855D-97227D2B8773}" = rport=137 | protocol=17 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6EC89F61-77EF-4D2C-B50C-E7C9698E6D8F}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{ADB32CF2-12A0-4081-8176-A064FDBA3121}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B916BB32-9E3F-4C60-A517-A30F8DB8CC43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BAF50012-1BC8-42C6-A317-6D12CCCE96C2}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{C644DE15-DC17-4D4A-AEC4-F35C9886B507}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{D9528B14-0197-4966-9632-D71BA5997CDC}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{DF631951-8030-430A-9302-91A8331BC41F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{ED745516-00B9-4A76-A587-6C433E578A9B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "TCP Query User{77601BAD-A7E5-4BF7-BAF9-9AA0C0B25E92}C:\program files (x86)\tibiacast\tibiacast client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tibiacast\tibiacast client.exe | "TCP Query User{897B2526-F07E-4F32-AABE-1E57119BBF7D}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{BC413166-D637-4059-B44A-F2D7F82E3647}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "TCP Query User{EC8E9524-4D2B-44A4-B55B-71B7455A0D71}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe | "TCP Query User{FE84060F-5396-4F5E-8060-D0C6FEDCD081}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "UDP Query User{1C1D6E40-EB6C-4B02-9E5F-E2B971DB9F80}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "UDP Query User{458906CA-4A28-4C34-892A-6DBFD53F3A82}C:\program files (x86)\tibiacast\tibiacast client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tibiacast\tibiacast client.exe | "UDP Query User{6BD6E41C-CBEE-472A-A906-D286B365B4E3}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe | "UDP Query User{6F4D5B5F-CFC0-4397-816B-B720896D5024}C:\program files (x86)\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tlen.pl\tlen.exe | "UDP Query User{AD4D8FB6-E320-4962-9AB3-C83ED8483696}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "HashCheck Shell Extension" = HashCheck Shell Extension (x86-64) "Microsoft Security Client" = Microsoft Security Essentials "Speccy" = Speccy [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64) "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{FB038DB3-F1C4-4D07-9F05-F4BFD03D412C}" = Tibiacast "7-Zip" = 7-Zip 9.20 "8461-7759-5462-8226" = Vuze "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "DAEMON Tools Lite" = DAEMON Tools Lite "Komputerowy Słownik Niemiecko-Polski_is1" = Komputerowy Słownik Niemiecko-Polski 0.8.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.0.1400 "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Sleeping Dogs_is1" = Sleeping Dogs version 1.4 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Tibia_is1" = Tibia "Tlen.pl" = Tlen.pl "Vuze_Remote Toolbar" = Vuze Remote Toolbar "Winamp" = Winamp "X-Mouse Button Control" = X-Mouse Button Control 2.5 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-09-06 19:31:27 | Computer Name = Pawel-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 15.0.0.4619, sygnatura czasowa: 0x50382fcd Nazwa modułu powodującego błąd: xul.dll, wersja: 15.0.0.4619, sygnatura czasowa: 0x50382f44 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x001bea47 Identyfikator procesu powodującego błąd: 0xfa8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd8c8758d66687 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Mozilla Firefox\xul.dll Identyfikator raportu: fa44eb11-f87a-11e1-a734-002219fd010f [ System Events ] Error - 2012-09-08 12:52:25 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-09-08 19:55:59 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-09-08 19:55:59 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-09-09 05:02:57 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-09-09 05:02:57 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-09-09 12:51:31 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-09-09 12:51:31 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-09-09 13:59:19 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2012-09-09 13:59:19 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2012-09-09 13:59:23 | Computer Name = Pawel-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active < End of report >