OTL Extras logfile created on: 2014-10-11 14:29:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Toradora\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 59,78% Memory free 7,96 Gb Paging File | 5,78 Gb Available in Paging File | 72,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 130,70 Gb Total Space | 110,27 Gb Free Space | 84,37% Space Free | Partition Type: NTFS Drive D: | 200,20 Gb Total Space | 199,86 Gb Free Space | 99,83% Space Free | Partition Type: NTFS Drive E: | 200,20 Gb Total Space | 199,79 Gb Free Space | 99,79% Space Free | Partition Type: NTFS Drive F: | 200,20 Gb Total Space | 199,55 Gb Free Space | 99,67% Space Free | Partition Type: NTFS Drive G: | 200,20 Gb Total Space | 199,31 Gb Free Space | 99,56% Space Free | Partition Type: NTFS Computer Name: AISAKA | User Name: Toradora | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3565540839-272650501-1161441506-1000\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{040C6E82-FF4A-46A6-A759-F48B35B9CF60}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{079C4AEA-806A-4640-9244-3C70B02173CB}" = rport=445 | protocol=6 | dir=out | app=system | "{11DBFAD5-6B6B-4629-8544-D46BCEF7B41F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1461DE99-865F-4C64-BD62-FF11B32B92CA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1D375223-1D6A-4538-856F-1F527B068C89}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1FA3C952-3E88-4F81-B6CB-8E5C35AFF6B4}" = lport=445 | protocol=6 | dir=in | app=system | "{23A3EC04-6ADB-455D-9F30-D63D95DB7A8A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{3E20BED5-D911-4ADC-AB52-D6353B28564D}" = rport=10243 | protocol=6 | dir=out | app=system | "{40BCE830-DF6B-4B2F-BB29-CD59A373246E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{430B44B5-700A-4F61-B8D1-DAF2B0D9375C}" = lport=139 | protocol=6 | dir=in | app=system | "{69AE01C8-65F4-494D-9606-A9E7F2565B47}" = lport=137 | protocol=17 | dir=in | app=system | "{781ECBC4-FED2-42E9-9139-1E95AA88BE7F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8B2C7188-290C-4AE8-B0C1-8E0DC286A33A}" = lport=10243 | protocol=6 | dir=in | app=system | "{8F65F07A-97CF-46EA-9F50-22ECA67180E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{93FF9AA9-CCBD-4883-BA6E-8773CEE5F54D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{9B256A38-54D8-4D8A-90DC-6D0C29CF2018}" = lport=2869 | protocol=6 | dir=in | app=system | "{B6BF288C-B26C-4FF8-950D-3D32EF187366}" = lport=138 | protocol=17 | dir=in | app=system | "{B6F7EAE0-93AE-4708-B0F5-CA1B7B515895}" = rport=139 | protocol=6 | dir=out | app=system | "{C3229C7D-892A-482C-ABE6-FFB575691EB8}" = rport=138 | protocol=17 | dir=out | app=system | "{D0EC3C57-571B-4D33-8B52-9FDF7714255A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E049F9D8-B66A-40C0-86BF-880C29938CC0}" = rport=137 | protocol=17 | dir=out | app=system | "{E208CA26-D399-486D-8B63-9ACC86BE1B25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F3B3B937-C0E6-4932-83B7-BFA34DBF0FF2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EE41BA8-92D8-4ABC-9973-1E09B899B0C7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1A03AD79-504E-4A1C-B2AC-FC9E62F27A6B}" = protocol=6 | dir=out | app=system | "{2F70953F-185E-46CF-889F-138F3C202DA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{324432F5-3A5E-48A0-94A8-BE3DCC1D6F7C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{461D0902-34ED-439C-A518-9CAB2BD6F6AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{468EC313-F145-4F77-ACC8-E925EDC83DD7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6204BF0F-8C3F-4AD5-973C-CB4A86AD213F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6D4F69EB-3143-4CCC-88D9-7C44620ED55C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6EEBB478-3CD2-4FC4-8000-FED5C106A84F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8796E92B-05AC-40A2-81C1-C336E5099B53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8A8E54D2-E9A7-41EF-ABB2-A283EC3C5A32}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8D0237C1-D723-4C9D-9BA2-749CDBFFD47D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{99ADABD6-70B5-4866-92C9-B2FE328AEEF2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B240F938-9214-418F-958C-95E2BDDF9E49}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BA4522BC-31FE-49D3-8797-A7CA609C75B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C486B7A7-060F-4931-8889-AEF156450DBE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F4898E5F-08A7-4BBC-A4B7-B0B926DE1E3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F6D92FF7-0169-4C6B-8E41-1382721FC752}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FBDC07F4-EE0D-43BE-A69A-9337058D0982}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 267.60 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 267.60 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 267.60 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.22.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Afterburner" = MSI Afterburner 2.1.0 "Avast" = avast! Free Antivirus "Google Chrome" = Google Chrome "League of Legends 3.0.1" = League of Legends "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 24.0.1558.64" = Opera Stable 24.0.1558.64 "WinRAR archiver" = WinRAR 5.11 (32-bitowy) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-10-10 13:11:59 | Computer Name = Aisaka | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2014-10-10 13:18:52 | Computer Name = Aisaka | Source = .NET Runtime | ID = 1026 Description = Error - 2014-10-10 13:18:54 | Computer Name = Aisaka | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Terraria.exe, wersja: 1.2.4.1, sygnatura czasowa: 0x537510f8 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7bafa Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0x1038 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfe4ae43b8b941 Ścieżka aplikacji powodującej błąd: E:\Trr\Terraria.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: 8293e105-50a1-11e4-8705-8c89a5bfa8d8 Error - 2014-10-10 13:19:03 | Computer Name = Aisaka | Source = .NET Runtime | ID = 1026 Description = Error - 2014-10-10 13:19:03 | Computer Name = Aisaka | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Terraria.exe, wersja: 1.2.4.1, sygnatura czasowa: 0x537510f8 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7bafa Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0x410 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfe4ae4a32a7b5 Ścieżka aplikacji powodującej błąd: E:\Trr\Terraria.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: 87ed7ad7-50a1-11e4-8705-8c89a5bfa8d8 Error - 2014-10-11 04:59:24 | Computer Name = Aisaka | Source = WinMgmt | ID = 10 Description = Error - 2014-10-11 06:17:57 | Computer Name = Aisaka | Source = WinMgmt | ID = 10 Description = Error - 2014-10-11 06:22:28 | Computer Name = Aisaka | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error - 2014-10-11 08:03:12 | Computer Name = Aisaka | Source = WinMgmt | ID = 10 Description = Error - 2014-10-11 08:06:50 | Computer Name = Aisaka | Source = Application Hang | ID = 1002 Description = Program chrome.exe w wersji 38.0.2125.101 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: dc0 Godzina rozpoczęcia: 01cfe54b77b5d1cc Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: [ System Events ] Error - 2014-10-10 12:20:18 | Computer Name = Aisaka | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 17:51:50 na ?2014-?10-?10 było nieoczekiwane. Error - 2014-10-11 06:17:46 | Computer Name = Aisaka | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024d00e: Windows Update Core. < End of report >