OTL Extras logfile created on: 2014-11-14 16:17:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\otl Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17420) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 69,55% Memory free 5,99 Gb Paging File | 4,75 Gb Available in Paging File | 79,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 116,03 Gb Free Space | 79,21% Space Free | Partition Type: NTFS Drive D: | 151,51 Gb Total Space | 139,28 Gb Free Space | 91,93% Space Free | Partition Type: NTFS Computer Name: EWA-KOMPUTER | User Name: Ewa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2846243105-2044209956-1520485455-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\System32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{050633B1-9F2A-4852-ACC9-167F630C8CB5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{050FA52B-7324-416B-92EF-A807305CCFE6}" = rport=139 | protocol=6 | dir=out | app=system | "{1BB5C79D-72FE-4A6E-B813-8781DBBAEFF5}" = lport=445 | protocol=6 | dir=in | app=system | "{1DDB74FF-DD52-4616-A2F2-27118D87F428}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2E5E01EF-D23B-4CA1-8F06-1CF3EF2C8C3D}" = lport=2869 | protocol=6 | dir=in | app=system | "{2F71DD6B-B75C-4A6E-B9C6-3C4D9DBE04C6}" = lport=138 | protocol=17 | dir=in | app=system | "{400E26B8-A0CF-4349-8780-15898504DFEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{45FEA9F0-8120-43F8-B157-7163E4C886E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4D5AA7F2-705B-457E-B3E8-42A109379C8F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5117D3BA-BD46-4DD3-BABD-2C97C97CA7C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{665BEE9B-6999-46D0-8204-9863752A39B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6DF9FC10-EB01-49F8-A7B0-72FABE4DCF9E}" = rport=445 | protocol=6 | dir=out | app=system | "{74668421-65DB-4B9C-AA4D-F2236C91E04D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{79973082-3F5E-44B2-A55F-753EBB4C1ACC}" = lport=10243 | protocol=6 | dir=in | app=system | "{7C3063EB-BB48-4339-8E0A-3E8AF5BF997F}" = rport=10243 | protocol=6 | dir=out | app=system | "{7C65FD5D-0F68-4E26-825F-48BB1F706C90}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7E1ABA3A-94E4-4D45-8A99-7F2ECE5AE836}" = rport=138 | protocol=17 | dir=out | app=system | "{8945E424-97C4-4FDA-B757-4AB383B8B890}" = lport=139 | protocol=6 | dir=in | app=system | "{95DC6F6A-41AA-4CCB-A366-A2D91526AC5B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ABB559EB-8C34-45A0-87D6-3AE3EAE397AC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BB470E4A-6AC9-47AD-905F-8FEE51D2FE9D}" = lport=137 | protocol=17 | dir=in | app=system | "{E131FAFA-4A7F-4503-9415-56585B938D0A}" = rport=137 | protocol=17 | dir=out | app=system | "{EF6C65D2-A8D1-4E29-B49D-B251C8AF5012}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{179AA954-5DD9-4EB4-A313-35F0DE11BDE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1D9220BD-F0FA-4BF5-830B-BC377B0663D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{1EF430F7-84F2-4431-827D-61E74B20936A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{21DBEFED-D9DE-41DD-8379-A75C02053A1F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{23C888DD-D36B-466E-A4C8-CE80E8BFA78A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{24E5CA39-417D-45E6-85C3-32C3D1C12497}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{29B162B3-CDB7-4425-8410-7C34E7107E14}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{329A12F1-FFA3-4426-A1B6-7ED6DA454F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{332274F1-0E25-43AA-A468-18784AC11148}" = protocol=6 | dir=out | app=system | "{599C0F12-202B-4006-82D2-5188F2F2D3BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5B4EB695-2A18-47A1-B43D-CF5A6070F291}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9ACB018F-7C87-4077-ADCD-283CA133A543}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{9EEF31D5-289F-4042-ADC3-A956EC04BE03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A8426AAC-EE10-4012-AA5A-C114EFC840B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AA939804-381B-44AE-8001-74AB303CE0B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AEF23653-EB32-410A-BBD7-C30610463DF3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BB827035-4AB4-4286-84DF-FC0E302ABDC4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E0D510D0-005E-4961-9F8F-E90A512EC186}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FA270106-6E2E-4ABA-BEE2-A372E7299BDF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "TCP Query User{74699047-3B3D-4984-965B-E7D7203135FD}D:\programy\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "TCP Query User{A4A42EC5-2D65-494D-829E-875ED492C8BD}D:\programy\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "UDP Query User{73D81B4D-B8E4-44F0-AB01-28C5ECBC6282}D:\programy\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "UDP Query User{A0D44933-8E97-4D2A-8F6B-2373F487AEA1}D:\programy\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{011B5F12-F1CB-4C14-A99E-62C55831D78A}" = OpenOffice.ux.pl 3.4 "{2D5BEFA3-889A-4AD5-8771-310BAEB0E2FC}" = Qtrax Player "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1 "{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Polish "{C83B8B35-C2C4-3302-9A6E-C2AF1A59E8D6}" = Microsoft .NET Framework 4.5.1 (PLK) "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "AVG Web TuneUp" = AVG Web TuneUp "CCleaner" = CCleaner "Driver Booster_is1" = Driver Booster "Internet w Cyfrowym Polsacie" = Internet w Cyfrowym Polsacie "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.3.1025 "Mozilla Firefox 33.1 (x86 pl)" = Mozilla Firefox 33.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Odkurzacz 13.3_is1" = Odkurzacz [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2846243105-2044209956-1520485455-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "1875559972.portal.qtrax.com" = Qtrax Player "GG" = GG "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-11-13 10:19:28 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 12:29:44 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 14:50:10 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 15:09:11 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 15:15:34 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 16:03:14 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 16:19:09 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 16:56:11 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-13 17:06:27 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-11-14 10:52:20 | Computer Name = Ewa-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-11-13 17:04:38 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-11-13 17:04:48 | Computer Name = Ewa-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SPDRIVER_1.37.0.1375 z powodu następującego błędu: %%3 Error - 2014-11-13 17:04:48 | Computer Name = Ewa-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi vToolbarUpdater18.1.10 z powodu następującego błędu: %%2 Error - 2014-11-13 17:14:05 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-11-13 17:18:10 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-11-13 17:18:41 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-11-14 10:50:30 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2014-11-14 10:50:30 | Computer Name = Ewa-Komputer | Source = atikmdag | ID = 43029 Description = Display is not active Error - 2014-11-14 10:50:47 | Computer Name = Ewa-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SPDRIVER_1.37.0.1375 z powodu następującego błędu: %%3 Error - 2014-11-14 10:50:47 | Computer Name = Ewa-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi vToolbarUpdater18.1.10 z powodu następującego błędu: %%2 < End of report >