OTL Extras logfile created on: 2014-04-05 18:09:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tomek\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,74 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 49,35% Memory free 5,48 Gb Paging File | 3,71 Gb Available in Paging File | 67,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,56 Gb Total Space | 78,43 Gb Free Space | 80,39% Space Free | Partition Type: NTFS Drive D: | 97,94 Gb Total Space | 77,92 Gb Free Space | 79,56% Space Free | Partition Type: NTFS Drive E: | 270,16 Gb Total Space | 202,58 Gb Free Space | 74,99% Space Free | Partition Type: NTFS Computer Name: TOMEK-KOMPUTER | User Name: tomek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) [HKEY_USERS\S-1-5-21-1181333246-1215411710-3487765990-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05EDE688-9401-40B4-823B-446F8A229FD1}" = rport=139 | protocol=6 | dir=out | app=system | "{06ADDD56-C33A-4A70-9568-D2E06C3308D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{14CF3094-6FF2-4C30-85A9-AC461F87394A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{16639E57-0C5C-4AEC-B00B-AD2886FBFDB0}" = lport=138 | protocol=17 | dir=in | app=system | "{18712CF9-FBAB-4B1C-A2CE-EA4289F79A64}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{255B9581-EF93-4A95-B6D3-8181BB2794EF}" = rport=10243 | protocol=6 | dir=out | app=system | "{332DC525-07E3-4B01-A1B6-C17C49120355}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{411424DC-8CF9-4E32-9CD7-5DC0CD6D8766}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5F9139A9-5007-4010-94EC-DEB07B8C00A2}" = lport=445 | protocol=6 | dir=in | app=system | "{660E87FF-80A7-4230-AF30-13DE8B9C77B0}" = lport=137 | protocol=17 | dir=in | app=system | "{6BB769AF-0FCB-4991-8253-DB7289F01B39}" = lport=2869 | protocol=6 | dir=in | app=system | "{732912FD-2478-41B6-AE09-A5CC3A45B8B8}" = lport=10243 | protocol=6 | dir=in | app=system | "{8A72A20F-D27B-4729-9FDB-5650B5F208A5}" = lport=139 | protocol=6 | dir=in | app=system | "{9563CB3C-4E01-4DC0-AAEE-A9CBE134C130}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C592DD29-8507-48A1-86C8-3830E2E2FF94}" = rport=138 | protocol=17 | dir=out | app=system | "{C5E5F325-0EEA-4BF2-B0B4-12FF0CBEADDE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{C81E2609-3151-4FE7-97D6-72331605634E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D23A1C3A-4FC5-4B1F-929A-759AE952B171}" = rport=137 | protocol=17 | dir=out | app=system | "{DB48C66E-2092-4FF0-A287-A11E82B18BD1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F309BFE8-8981-4085-93BB-A37D5DA39092}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FA1A3817-00AF-4CFA-B75B-DE20BBFDFD7C}" = rport=445 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11C7A023-975A-451A-968E-49B65257CBE1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{22DAA137-098F-4CC4-9A1F-15700A6A83DA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2A72EBE9-4ECF-4DCE-8EA8-FA8244B13818}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{48D7D8BE-7B57-4FA3-AD51-37EFCDE8080C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{53295E16-D661-49D7-A049-7F23C7189409}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{53F64383-2496-4286-9EB5-3F29BDA124A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{543858D9-F7E8-4B5D-A458-F3D075121C18}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5C0D1B4C-EB05-4291-8128-FE7AF8BF6EA2}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{65F67FF6-0C38-49A7-9C7D-415B979EC159}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{92696623-F495-4197-AD3D-FB9718FABC6C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A5B80043-3616-4332-89E7-C4F29F85741C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AE56D9AF-C72C-449E-95E7-189F8947AF8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AF4692AD-1C6A-4A59-9E36-44F9B3F1F7C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AFE6678C-DA65-4E13-9F61-5DCEFB3A7546}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B2F552BA-03E6-4FDB-A31E-94498F8481ED}" = protocol=6 | dir=out | app=system | "{C51883C1-EB4A-43FA-B1F2-391F04BB8DD6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D38F1994-F720-4650-8D6D-CDCCADF2CF60}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D396403A-C5ED-4A82-A63C-5203EA55D94E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{DD96D8DB-A336-4B83-9BFC-F8454244B459}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DE74BD2E-591E-44A5-93DA-24D9BD9D98EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E1675C5C-3056-4ADD-8374-62AF3AF07DDD}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{E6208561-76CC-428A-A2EF-0B8FAA873050}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B674B1E-1905-4830-ABD1-F6892F1C4394}" = ATI Catalyst Install Manager "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.9.22.4040 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5969857A-B3B6-4CB8-8AC0-240E1A099246}" = COMODO Antivirus "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{9BAC7DBC-CFDB-62D3-0F88-2D231F0B4402}" = ccc-utility64 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 5.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0276A4D3-8450-8E49-C44B-9326DBD89E1E}" = Catalyst Control Center "{078CCC02-D3A4-82D2-D98A-8737024E7124}" = CCC Help Chinese Traditional "{182136CD-9EE5-57F6-3DC8-E62392E93E93}" = CCC Help Italian "{2360EC6E-C287-02C3-59D5-303040922C12}" = CCC Help Swedish "{24D1C3CC-B529-C9B2-F349-8E0E0F464A43}" = CCC Help Russian "{2B365FA7-BC10-2164-0F2F-871DBC603A8A}" = CCC Help Turkish "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{41086B94-324A-0977-5098-38EB25AAA244}" = CCC Help Chinese Standard "{478B37C5-64AB-0CEE-04B5-0B8F9FEA41C5}" = CCC Help Portuguese "{49328737-A2E9-55C7-019D-C2A1C4EA1C32}" = Catalyst Control Center InstallProxy "{49BC5CBB-27F7-E523-AE61-D1625FAEDDE1}" = CCC Help Japanese "{4F5AF4FD-A590-7530-4D5D-4A9772961420}" = Catalyst Control Center Localization All "{55A9990A-E980-71C4-B90F-01C4235C79FB}" = CCC Help Thai "{57CA189D-BAEB-49BC-AE75-CE70E9B775E1}" = Catalyst Control Center - Branding "{5A15E450-0894-D4A5-9E25-1D3DDA1F123F}" = CCC Help Dutch "{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "{64427AF4-5D83-C673-68D5-A067FF1002EC}" = CCC Help Finnish "{6A1419E0-4ECA-0DBE-F469-B79FDE3544C0}" = CCC Help Danish "{6B5F27E0-38D1-15E2-A0BC-0FCE7064CE67}" = CCC Help French "{6D5E077E-B748-299D-FD98-159CF35779E5}" = CCC Help Korean "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{8AE21DF5-B8C8-A53A-19E3-A84A2E143ED0}" = CCC Help Czech "{8D5D02EB-C2BC-D8BD-FD88-5C362A50D945}" = Catalyst Control Center Profiles Mobile "{927C832C-91DF-69C3-D468-476AC83E4D85}" = CCC Help Spanish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A53E6062-D674-A400-2A7C-AF35A3D56324}" = CCC Help Polish "{A7FDA790-9CE0-AE8F-94B9-6CAE8E07E396}" = CCC Help Hungarian "{ADE9605B-0432-B54C-8907-F89EB63C0DD0}" = CCC Help German "{C30773F5-0746-C580-B32E-BF6F6854A5E2}" = PX Profile Update "{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}" = OpenOffice 4.0.1 "{E1431A6A-C3B9-6573-DE0C-D004B500EF0C}" = CCC Help Norwegian "{ED7BD1FD-2294-8515-32B7-991DE931A97E}" = CCC Help English "{EDE01FC9-4790-0FFA-5B92-C401C865F9A5}" = CCC Help Greek "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "FileZilla Client" = FileZilla Client 3.8.0 "InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.00.0.1000 "Mozilla Firefox 28.0 (x86 pl)" = Mozilla Firefox 28.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "Opera 20.0.1387.82" = Opera Stable 20.0.1387.82 "Picasa 3" = Picasa 3 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1181333246-1215411710-3487765990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-04-05 03:14:01 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:01 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:02 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:02 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:02 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:02 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:03 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:03 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:03 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = Error - 2014-04-05 03:14:04 | Computer Name = tomek-Komputer | Source = MsiInstaller | ID = 11609 Description = [ System Events ] Error - 2014-04-04 16:07:16 | Computer Name = tomek-Komputer | Source = Service Control Manager | ID = 7034 Description = Usługa COMODO Internet Security Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-04-04 18:03:26 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-04-05 03:17:19 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-04-05 03:46:05 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-04-05 06:06:38 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-04-05 06:09:58 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = Error - 2014-04-05 07:32:09 | Computer Name = tomek-Komputer | Source = DCOM | ID = 10010 Description = < End of report >