OTL Extras logfile created on: 2014-03-13 21:50:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\bengrush\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 49,35% Memory free 5,99 Gb Paging File | 4,46 Gb Available in Paging File | 74,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 45,00 Gb Total Space | 9,38 Gb Free Space | 20,84% Space Free | Partition Type: NTFS Drive D: | 251,08 Gb Total Space | 23,53 Gb Free Space | 9,37% Space Free | Partition Type: NTFS Computer Name: BENGRUSH2 | User Name: bengrush | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2424988559-2705854300-922594339-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05A25C35-3660-4441-B1AB-22930E1A77FD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2D1205A5-F1AF-4972-8868-1D84E72B1244}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{34796B64-8B67-4F92-8D26-36C92AB42D3E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4378BA35-0626-478F-B8A0-5E83834BCC21}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4FAED064-0401-4410-A442-AC284C6C9AB8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5504BE4D-8D64-4175-9144-A77CA8A616D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6212E0C3-FA85-4C74-8B64-A404047F4208}" = rport=137 | protocol=17 | dir=out | app=system | "{68B39FD8-71F3-4DF7-885B-CBE49E09CB36}" = lport=138 | protocol=17 | dir=in | app=system | "{7321D48A-EB22-43B1-8087-53F93BCEB03E}" = rport=138 | protocol=17 | dir=out | app=system | "{7941D3BB-5D60-4DB2-B788-F196161A8E47}" = lport=139 | protocol=6 | dir=in | app=system | "{79C5CB29-D5E6-4AD3-93AC-32831F0DF449}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7ABF2086-1D5F-4D50-B723-0F0021152A44}" = lport=137 | protocol=17 | dir=in | app=system | "{83C2FBF6-2BEF-44C7-A41A-3B3028B91601}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8CA087E1-0165-4A95-AA12-18291B907DB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{952CDD52-7141-4224-9828-5CE2F6630B8F}" = lport=2869 | protocol=6 | dir=in | app=system | "{969E28FB-594D-42E1-9E15-497808A8C4DB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A3126F2E-1CA4-41D8-B6C2-47461B0CA8CB}" = lport=445 | protocol=6 | dir=in | app=system | "{A42491D1-FD25-42C2-A4E8-3028FAE5CF29}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B3E82242-8670-4CA4-945F-25B193903306}" = rport=10243 | protocol=6 | dir=out | app=system | "{B63D3A32-2A30-4D39-86FA-F74E7B293F71}" = rport=139 | protocol=6 | dir=out | app=system | "{C9393382-9703-4729-8D7D-5A6E4CBCD624}" = rport=445 | protocol=6 | dir=out | app=system | "{CF04A541-9AA7-4422-ADF2-2817BA3F0D35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FB91F96B-ED95-4C58-82BB-F5EBBF533CE2}" = lport=10243 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02422C0C-9786-481E-B379-F343154ED7F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{0F36194F-34A6-4A23-94CA-6F930D305C9B}" = protocol=6 | dir=out | app=system | "{1BCE7235-231A-4E81-A109-4A460FBD420D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1DAB36BC-391D-4CD4-A720-7B2A6F11B176}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{238C04CE-3256-495C-8FC2-3BE51E091C33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{33D199EA-420A-436E-8093-F8CDA61D0859}" = dir=in | app=c:\users\bengrush\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{3BA950A2-339D-4AF5-8286-115884E85BD6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{55A89764-0F52-448B-A239-4A896055B7AE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{5C6756D2-5315-40F4-BFD5-261CFB1FE69E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{62E18A43-799E-49C9-BE25-4C1697ED6666}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{668D186C-F631-41E8-8989-C9624221F663}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{7EE1F7BE-BDAC-4E68-9F26-FCD7C8EE8AB9}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{814E053A-FA92-4FF4-AF96-BFE92E62D695}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{9270DE3F-EC3D-49AA-8BC8-4273257799BC}" = protocol=17 | dir=in | app=c:\users\bengrush\appdata\roaming\dropbox\bin\dropbox.exe | "{ABACCBC9-D157-4661-B345-450B62C0F9D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B802CB6B-1B93-4869-9728-73355E04D721}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BA855755-CF29-459C-BDFD-81544AA3D949}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C014F0DF-DEF6-49DF-A2C5-23E5E4A12C87}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{CA293F20-C981-4DE2-8087-DBF67AAE9F0F}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{CD176E39-AFC8-4908-9BA5-F651B8870AA8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D72ED70B-90C6-4579-BA06-63CA7E376D92}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E336A1F8-CBAA-4E11-9DF4-CE824E6518CC}" = protocol=6 | dir=in | app=c:\users\bengrush\appdata\roaming\dropbox\bin\dropbox.exe | "{E8FC24B4-B66B-47B6-8091-D045205CC81A}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast4\ashavast.exe | "{EAB2F6AB-03AD-4270-82EC-AF6E18589345}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EE99B586-34DF-42F6-B557-2A24EC59344B}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast4\ashavast.exe | "{F02353DC-7AA5-4110-82DE-7E313DE8444C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F6666B38-EB76-4BC2-A60E-F2C291B1DF7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FB5845C3-DC13-4BCB-993C-6A4EC9DB4659}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51 "{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT "{31BFEC6C-1F27-45B5-839C-BCBAE327993A}" = OpenOffice.org 3.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}" = Steinberg Cubase LE 5 "{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.1 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447 "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = blueconnect "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) "{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.9 "{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0 "Any Video Converter_is1" = Any Video Converter 3.5.8 "Avast" = avast! Internet Security "blueconnect" = blueconnect "CCleaner" = CCleaner "DP Animation Maker" = DP Animation Maker "eLicenser Control" = eLicenser Control "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2 "Hamster Free Burning Studio_is1" = Free Burning Studio 1.0.9.9 "Hamster Lite Archiver_is1" = Hamster Lite Archiver 2.0.1.2 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "MadTracker 2" = MadTracker 2 "Mobile Broadband HL Service" = Mobile Broadband HL Service "Mozilla Firefox 27.0.1 (x86 pl)" = Mozilla Firefox 27.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Picasa 3" = Picasa 3 "PIT Format 2013_is1" = PIT Format 2013 "Software Update Wizard (Redist)" = Software Update Wizard (Redist) 4.5 "VLC media player" = VLC media player 0.9.8a "WinGimp-2.0_is1" = GIMP 2.6.8 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "X-COM - Terror from the Deep PL" = X-COM - Terror from the Deep PL [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2424988559-2705854300-922594339-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BankBrowser" = BankBrowser "Dropbox" = Dropbox [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-03-13 10:33:51 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:33:52 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:33:52 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:34:24 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:34:39 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:34:40 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:34:41 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:34:41 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:35:09 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = Error - 2014-03-13 10:35:38 | Computer Name = bengrush2 | Source = RasClient | ID = 20227 Description = [ System Events ] Error - 2014-03-13 14:19:54 | Computer Name = bengrush2 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcpipBM Error - 2014-03-13 14:43:09 | Computer Name = bengrush2 | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-13 14:43:09 | Computer Name = bengrush2 | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-13 14:43:45 | Computer Name = bengrush2 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcpipBM Error - 2014-03-13 14:47:12 | Computer Name = bengrush2 | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-13 14:47:12 | Computer Name = bengrush2 | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-13 14:47:42 | Computer Name = bengrush2 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcpipBM Error - 2014-03-13 14:51:10 | Computer Name = bengrush2 | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-03-13 14:51:10 | Computer Name = bengrush2 | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-03-13 14:51:15 | Computer Name = bengrush2 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcpipBM < End of report >