OTL Extras logfile created on: 2013-11-13 02:53:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KAROKO\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,65 Gb Available Physical Memory | 32,45% Memory free 4,00 Gb Paging File | 2,22 Gb Available in Paging File | 55,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,73 Gb Total Space | 17,44 Gb Free Space | 35,79% Space Free | Partition Type: NTFS Drive D: | 100,21 Gb Total Space | 46,83 Gb Free Space | 46,73% Space Free | Partition Type: NTFS Computer Name: KAROKO-PC | User Name: KAROKO | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = OperaStable] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = OperaStable] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-1586568288-2297975948-3312597491-1000\SOFTWARE\Classes\] .html [@ = DragonHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS "C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4FECA53E-7855-4CDD-9495-7958AAFFFD88}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{56568B1E-3C38-44A8-BBFA-5885661FD87E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{594F924D-2FD1-456A-831B-7C11786EA7E2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{8841187D-5D2B-4A38-A424-28B5CEFE079E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BE2AE376-D4DE-4D5B-A7A8-0D2C585B0297}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{CB5D8820-CC9D-444E-AA75-BF11F5E06D9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F31470D3-CB74-4806-8267-CE1DFE09E6A1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F9FB0ADC-7713-4E8F-85B0-289EFB9FF24F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{18854CCD-231B-48B2-89DF-76F3E740BB1D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{41B8FC9C-C778-4A10-8A60-E157204DC3AB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | "{445937E5-42F3-4ACD-A3F9-CD7F45E454A0}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe | "{4F8E3730-3588-4568-BC90-F1A3425AD72D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\star conflict\game.exe | "{52ED159C-E5AF-4807-9807-0CB88EE5F963}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{663AB84A-C87E-44C6-B54F-38ADA9A6C17E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | "{678917AF-49A4-4E76-B785-68D61B9F6E1F}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe | "{8A697C93-8D95-432A-A74C-AEE629E00E58}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{B01C6097-E2D5-4DA3-A2E0-57362C3F19EC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe | "{CF424082-B2CF-494D-A3E8-DD570F5D9B51}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{E07FCA9E-C7D3-4EAC-BB7A-53BEC4B33781}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{EC297E63-0918-4C35-9E8B-4324563BD661}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe | "{EE698A34-ADC5-4695-B10E-8E8D8D6E15FD}" = protocol=17 | dir=in | app=c:\users\karoko\appdata\local\ilivid\ilivid.exe | "{F5EE0BA8-86CB-4676-B5B2-7EC77CD1F909}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\star conflict\game.exe | "{FE316E3D-6B3E-43F9-8EF0-1A0D90CA889B}" = protocol=6 | dir=in | app=c:\users\karoko\appdata\local\ilivid\ilivid.exe | "TCP Query User{78AC34B3-8DB3-4C35-A8F3-3573A49CADB2}D:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=d:\program files (x86)\lolreplay\lolreplay.exe | "TCP Query User{E42BDB97-C217-4A6B-9CBB-D1BB94946BE2}C:\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd64.exe | "UDP Query User{70D55938-B1D4-4AEE-BF55-FBCE2B2CFEB2}C:\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd64.exe | "UDP Query User{ECC9D26D-F0C2-47C3-AB9B-E05E05EEA05B}D:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=d:\program files (x86)\lolreplay\lolreplay.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "WinRAR archiver" = WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{18192D3F-5537-4560-AD89-D695F72AF91D}" = OpenOffice.org 3.4.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{23D624DA-73E3-4633-A34F-01413EFB2E3D}" = Business Everywhere "{3546E51D-9682-41E3-B7E8-8E01727F8936}" = Uplink "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AutoItv3" = AutoIt v3.3.8.1 "Comodo Dragon" = Comodo Dragon "iLivid" = iLivid "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "League of Legends 3.0.1" = League of Legends "LOLReplay" = LOLReplay "Mozilla Firefox 24.0 (x86 lv)" = Mozilla Firefox 24.0 (x86 lv) "Notepad++" = Notepad++ "SciTE4AutoIt3" = SciTE4AutoIt3 4/5/2013 "Sierra Utilities" = Sierra Utilities "Steam App 113420" = Fallen Earth "Steam App 212070" = Star Conflict "Steam App 220" = Half-Life 2 "Steam App 4000" = Garry's Mod "Steam App 440" = Team Fortress 2 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1586568288-2297975948-3312597491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "SuperFrog (Nieoficjalna wersja pod Windows)" = SuperFrog (Nieoficjalna wersja pod Windows) "TeamSpeak 3 Client" = TeamSpeak 3 Client [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-11-12 21:36:39 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 9000 Description = Error - 2013-11-12 21:36:39 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 7040 Description = Error - 2013-11-12 21:36:39 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 7042 Description = Error - 2013-11-12 21:36:39 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 9002 Description = Error - 2013-11-12 21:36:39 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 3029 Description = Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 3029 Description = Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 3028 Description = Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 3058 Description = Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Windows Search Service | ID = 7010 Description = Error - 2013-11-12 21:59:42 | Computer Name = KAROKO-PC | Source = Application Error | ID = 1000 Description = Faulting application name: k6kjzc11.exe, version: 2.1.19163.0, time stamp: 0x515d31f0 Faulting module name: k6kjzc11.exe, version: 2.1.19163.0, time stamp: 0x515d31f0 Exception code: 0xc0000005 Fault offset: 0x0008c870 Faulting process id: 0x130c Faulting application start time: 0x01cee0135133b250 Faulting application path: C:\Users\KAROKO\Downloads\k6kjzc11.exe Faulting module path: C:\Users\KAROKO\Downloads\k6kjzc11.exe Report Id: 428e1280-4c07-11e3-9e15-001d7d95f2aa [ System Events ] Error - 2013-11-12 21:34:05 | Computer Name = KAROKO-PC | Source = DCOM | ID = 10010 Description = Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Service Control Manager | ID = 7024 Description = The Windows Search service terminated with service-specific error %%-1073473535. Error - 2013-11-12 21:36:40 | Computer Name = KAROKO-PC | Source = Service Control Manager | ID = 7031 Description = The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. < End of report >