OTL Extras logfile created on: 2013-01-18 23:50:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JERZY\Desktop\OTL 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,96 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,75% Memory free 7,92 Gb Paging File | 6,44 Gb Available in Paging File | 81,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 283,40 Gb Total Space | 249,80 Gb Free Space | 88,14% Space Free | Partition Type: NTFS Computer Name: JERZY-KOMPUTER | User Name: JERZY | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{079C1536-0EF3-45F1-9BBA-D901ED942EB5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{138BCB15-1F5B-45AF-816A-CD9917F64C34}" = lport=138 | protocol=17 | dir=in | app=system | "{3C3D2263-8526-49D4-9FD7-1B95871FADA2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3F4EC971-D288-443D-8CE5-C35296CD0029}" = rport=138 | protocol=17 | dir=out | app=system | "{3FC5027D-5462-490C-A3BE-C14BFB4C04B8}" = rport=137 | protocol=17 | dir=out | app=system | "{49DC0505-08B2-4569-9325-9092977F4113}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{63F6EE8F-DEDF-4F64-A46E-F6684C5D920C}" = rport=139 | protocol=6 | dir=out | app=system | "{7DC3D81F-122F-4FD7-9CF0-92845EA4463A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{851C8F37-5FB9-4F24-973F-894552DEBF2D}" = lport=137 | protocol=17 | dir=in | app=system | "{881760F8-C8E2-41C8-9831-675259C8CF47}" = rport=10243 | protocol=6 | dir=out | app=system | "{8E7432DF-EE05-49C0-A51F-6C148FE25DDE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9DB13AA6-1E3A-4BC5-ACCF-6CC4A2D46F48}" = rport=445 | protocol=6 | dir=out | app=system | "{9EB3390A-217E-4B7C-A9F4-995321C43493}" = lport=445 | protocol=6 | dir=in | app=system | "{9FB032B8-64B4-4C8D-AAD8-A09D4AB1B5F9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A313AFB8-4DAB-4A09-A88E-7175C3762DFD}" = lport=10243 | protocol=6 | dir=in | app=system | "{B11B1706-C0CE-434E-BEBC-000B929F4E97}" = lport=139 | protocol=6 | dir=in | app=system | "{C4600636-FE45-47C2-A034-FA1E8F45B8B2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{C4FF9C48-5D74-494A-9F0C-5096C465D4E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D763B9C6-B414-4C7A-B6FE-EA7EE683EC1B}" = lport=2869 | protocol=6 | dir=in | app=system | "{E21EB55F-CE8D-4217-B588-F2EC0A05FA7B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F451688D-5AFD-4775-BA14-33F1CE9354F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0051BE44-A430-4FD4-9A13-38E31A39A0C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{01F099F7-D13B-4581-BB3A-1740660F0658}" = protocol=6 | dir=out | app=system | "{1AE8F56C-EC15-4BAA-87D3-FF66B98DC338}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{290201A0-9D15-4DCE-B6B2-DE26F42E8C1E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4C13226C-C786-430E-9583-93A9C5E5F03F}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | "{55100D19-4564-4F45-9ABB-C4C92C9D9F53}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | "{58B9584C-D5D4-4F3C-93DB-44B42414F3D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5FDF8830-67DA-4C00-AA3C-6DBB67002A3A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{66D0E18F-C380-4C29-88CF-8F0D80D4C98C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{715D21B0-411B-46BB-B659-62A6592603C3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7BB88FF5-C03D-40A3-87CF-B107EAC35CB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{82F9C055-44B8-49A1-A22E-FFA91BDA3B82}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{881DB1FB-DEC8-46D4-BC0D-1B85EA602043}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{947816E3-B70B-4345-8FD1-683C23946A95}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AA8D3862-740F-4292-8A81-CDA6FA46F4BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B04E6B2B-1B34-4CAF-88B0-B7B95512796E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B415A7E6-68CB-4B35-88AC-20C366FDC268}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CE900C8E-5D13-4CE9-9E24-6D7DBE070A13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D11E4731-9343-4537-886E-F753D5FE2702}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DBEE337A-2A63-41DD-B509-CF04AB7F55FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F2FE9E7A-125F-4DD2-A6D6-CAC188501603}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001A "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) "{DC2D3225-D0F7-44F5-9BE1-EBEA191DF223}" = CryptoCard Suite "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "avast" = avast! Free Antivirus "Google Chrome" = Google Chrome "Komputerowy Słownik Niemiecko-Polski_is1" = Komputerowy Słownik Niemiecko-Polski 0.8.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.70.0.1100 "PLAY ONLINE" = PLAY ONLINE "Protected Search_is1" = Protected Search 1.1 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-04 08:33:10 | Computer Name = JERZY-Komputer | Source = ESENT | ID = 215 Description = WinMail (1192) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error - 2013-01-04 08:33:15 | Computer Name = JERZY-Komputer | Source = ESENT | ID = 215 Description = WinMail (688) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error - 2013-01-05 13:10:25 | Computer Name = JERZY-Komputer | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 2013-01-05 13:10:32 | Computer Name = JERZY-Komputer | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 2013-01-07 14:57:43 | Computer Name = JERZY-Komputer | Source = Software Protection Platform Service | ID = 8200 Description = Szczegóły błędu pozyskiwania licencji. hr=0x80072EE7 Error - 2013-01-07 14:57:43 | Computer Name = JERZY-Komputer | Source = Software Protection Platform Service | ID = 8208 Description = Pozyskiwanie oryginalnego biletu (hr=0x80072EE7) dla szablonu o identyfikatorze 66c92734-d682-4d71-983e-d6ec3f16059f nie powiodło się. Error - 2013-01-10 08:51:58 | Computer Name = JERZY-Komputer | Source = RasClient | ID = 20227 Description = Error - 2013-01-10 08:52:28 | Computer Name = JERZY-Komputer | Source = RasClient | ID = 20227 Description = Error - 2013-01-18 15:28:31 | Computer Name = JERZY-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 9.0.8112.16457, sygnatura czasowa: 0x50a2f9e3 Nazwa modułu powodującego błąd: Complitly.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x50f2ad37 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x727378f0 Identyfikator procesu powodującego błąd: 0x6f4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5b1e557d028 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Internet Explorer\iexplore.exe Ścieżka modułu powodującego błąd: Complitly.dll Identyfikator raportu: 3d89c415-61a5-11e2-a39e-a4badb97b18b Error - 2013-01-18 16:36:44 | Computer Name = JERZY-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: pctsSvc.exe, wersja: 9.1.0.2894, sygnatura czasowa: 0x509054e5 Nazwa modułu powodującego błąd: rtl100.bpl, wersja: 11.0.2902.10471, sygnatura czasowa: 0x475fc385 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000a264 Identyfikator procesu powodującego błąd: 0xa70 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5b9dfd994d8 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\PC Tools\PC Tools Security\rtl100.bpl Identyfikator raportu: c5481bd5-61ae-11e2-b6cc-a4badb97b18b [ System Events ] Error - 2013-01-18 15:33:53 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-18 15:33:53 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-18 16:26:00 | Computer Name = JERZY-Komputer | Source = PCTCore | ID = 327960 Description = Error - 2013-01-18 16:26:00 | Computer Name = JERZY-Komputer | Source = PCTCore | ID = 327960 Description = Error - 2013-01-18 16:38:26 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-18 16:38:26 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-18 17:28:58 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-18 17:28:58 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 2013-01-18 17:38:35 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 2013-01-18 17:38:35 | Computer Name = JERZY-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 < End of report >