OTL Extras logfile created on: 2015-08-18 22:26:51 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,73% Memory free 4,24 Gb Paging File | 3,37 Gb Available in Paging File | 79,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,05 Gb Total Space | 107,20 Gb Free Space | 71,92% Space Free | Partition Type: NTFS Drive F: | 918,66 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DOM | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{027A40AA-1159-4FD6-83DB-ED80AC3E551B}" = rport=445 | protocol=6 | dir=out | app=system | "{1882FC27-C932-48FF-B4C8-35DBDD5C0128}" = lport=1886 | protocol=6 | dir=in | name=genieo | "{1C441C80-644E-4792-965B-089EFA3F3F61}" = lport=138 | protocol=17 | dir=in | app=system | "{31CE7624-3CDB-4DA2-BF5E-F69D737A9599}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{44C6DA34-3F8E-4658-AA45-74C0E7C4C6AC}" = lport=137 | protocol=17 | dir=in | app=system | "{78C19C07-9844-464E-9BE4-6594730070D8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{82845CD0-1F6D-48CC-912E-D0F9F2923BED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{83DB4DF0-285C-4144-A9BF-5E0EE7E0ACAC}" = rport=137 | protocol=17 | dir=out | app=system | "{915CC77B-2B65-40C7-977B-38BD8626DE77}" = lport=2869 | protocol=6 | dir=in | app=system | "{964830A1-B7F3-45CB-851A-9E81EF9A8177}" = lport=445 | protocol=6 | dir=in | app=system | "{96855B52-3841-4344-BC60-FB15574BB7D7}" = rport=138 | protocol=17 | dir=out | app=system | "{983622E3-A00A-475F-99BD-DB282738D547}" = rport=139 | protocol=6 | dir=out | app=system | "{A0636B9A-A0B5-4FE0-A9CD-DE0D4518A683}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B85A7B16-FEF8-4388-A153-7FFB45913735}" = lport=1886 | protocol=6 | dir=in | name=genieo | "{C4377425-05B6-4917-9469-F1DE295FA7AF}" = lport=139 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{14FB4DBA-12AF-46C1-A768-6A492084FDC3}" = dir=in | app=c:\program files\hp\hp deskjet 2510 series\bin\usbsetup.exe | "{1D411834-27BE-421F-AEA8-2E4C843FEEDA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{32146555-3F50-415A-B3EC-5C3A2278E3BA}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{38597FDA-7408-4A9B-9AB7-1CF84EEBB1B7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5DDDC4E6-4971-4399-A88C-7AAFBD71DF64}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{78343101-956F-407F-9D9E-2E665DE2972A}" = dir=out | name=core networking - system ip core | "{8196F309-09BA-4A24-B16F-1D671085CA55}" = protocol=17 | dir=in | app=c:\program files\symulator farmy 2011\game.exe | "{81C23E9C-8B23-4671-9562-5EC0FC20F620}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{945FCA4D-14D7-4F19-B1CD-F874A1754A4A}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{95200C16-E41F-42DD-90C2-B59F5CE1525C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{9876D031-4A83-492E-B8B2-A228E376392C}" = dir=in | name=core networking - system ip core | "{9C0C7683-9ABD-4533-B057-E45AE1367162}" = protocol=17 | dir=in | app=c:\program files\symulator farmy 2011\farmingsimulator2011.exe | "{C232BC76-EEA8-433D-AB9E-407E27652E74}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{D0964377-AB44-4A3C-ACBF-F5450358C884}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E4D8A8D9-6133-4038-A991-761E1D66BF93}" = protocol=6 | dir=in | app=c:\program files\symulator farmy 2011\farmingsimulator2011.exe | "{EE9A0D14-F1CA-4A73-8BDC-695A97D2BA34}" = protocol=6 | dir=in | app=c:\program files\symulator farmy 2011\game.exe | "{F64B49E1-6385-439E-B0EE-67B8A34E6184}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{2C17D8C2-DB71-47AD-AB0E-DE2A55ED8543}C:\users\administrator\desktop\hack\pandoramt2(bez_patchera).exe" = protocol=6 | dir=in | app=c:\users\administrator\desktop\hack\pandoramt2(bez_patchera).exe | "TCP Query User{9E90AB5C-B3E2-4408-9A98-94958BF1C5EC}C:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe" = protocol=6 | dir=in | app=c:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe | "TCP Query User{AFE834D8-774A-45DF-95B7-D9210A36BDEF}C:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe" = protocol=6 | dir=in | app=c:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe | "TCP Query User{CDEFF183-CFFB-4994-8405-7C8EDA7679AD}C:\program files\counter strike 1.6 csc\ counter strike 1.6 csc\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter strike 1.6 csc\ counter strike 1.6 csc\hl.exe | "TCP Query User{D4C27299-B3AA-4A08-831F-3A9D916696C2}C:\users\administrator\desktop\mod pandora\pandoramt2(bez_patchera).exe" = protocol=6 | dir=in | app=c:\users\administrator\desktop\mod pandora\pandoramt2(bez_patchera).exe | "UDP Query User{2209FBAC-144F-4A87-B7DB-378868D6B36B}C:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe" = protocol=17 | dir=in | app=c:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe | "UDP Query User{546D2183-2794-4EBD-9337-EF0C20627BE3}C:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe" = protocol=17 | dir=in | app=c:\users\administrator\desktop\pandora\pandoramt2(bez_patchera).exe | "UDP Query User{8C1E6E58-D712-4AA1-86F1-5EB123CF6BD1}C:\users\administrator\desktop\hack\pandoramt2(bez_patchera).exe" = protocol=17 | dir=in | app=c:\users\administrator\desktop\hack\pandoramt2(bez_patchera).exe | "UDP Query User{9550003A-7E0B-4474-8760-B1BF6FF5B5A7}C:\users\administrator\desktop\mod pandora\pandoramt2(bez_patchera).exe" = protocol=17 | dir=in | app=c:\users\administrator\desktop\mod pandora\pandoramt2(bez_patchera).exe | "UDP Query User{CF76BEB7-2EEC-44F7-AD77-5CC5FA74C3B0}C:\program files\counter strike 1.6 csc\ counter strike 1.6 csc\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter strike 1.6 csc\ counter strike 1.6 csc\hl.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{216C7F38-4BBC-4E9A-8392-C9FA21B54386}" = HP Deskjet 2510 series Setup Guide "{223818EB-2BB5-4AAD-9F38-BA9668A4E3F3}" = Windows Live Messenger "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.3 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5CC1B8CB-4B4A-4DB6-AA7D-7167D033E93C}" = VirtualDJ 8 "{5FEB73FA-7D2D-4478-88A9-37940598C998}" = ODF Add-in for Microsoft PowerPoint "{7B8C1350-91E4-408D-8070-01D2F1268E6C}" = ODF Add-in for Microsoft Excel "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D774B5B-A1D9-45B3-AFB4-3F85604961BC}" = ODF Add-in for Microsoft Word "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D7EF308-E368-4DCE-9196-BB9D5FB883DC}" = "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_PROPLUS_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_PROPLUS_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_PROPLUS_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00B2-0415-0000-0000000FF1CE}" = Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 "{9B4E6CB9-E54D-47F7-A414-E2D5740E1045}" = Nero 7 Essentials "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 327.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 327.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert "{D239DFD4-44E1-4239-AD5F-0DC652320141}" = HP Deskjet 2510 series — podstawowe oprogramowanie urządzenia "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "Adobe Flash Player PPAPI" = Adobe Flash Player 19 PPAPI "Avast" = Avast Free Antivirus "Counter Strike 1.6 CSC 1.0" = Counter Strike 1.6 CSC "FarmingSimulator2011PL_is1" = Symulator Farmy 2011 "FormatFactory" = FormatFactory 3.6.0.0 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.1.8.1057 "MENVER" = Edycja Jesień 2007/Wiosna 2008 dla MEN "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 40.0.2 (x86 pl)" = Mozilla Firefox 40.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "PLAY ONLINE" = PLAY ONLINE "PROPLUS" = Microsoft Office Professional Plus 2007 "PROSet" = Intel(R) PRO Network Connections Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client "UltraISO_is1" = UltraISO Premium V9.62 "WinRAR archiver" = WinRAR 5.11 (32-bitowy) [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2015-08-18 14:34:22 | Computer Name = Dom | Source = LoadPerf | ID = 3012 Description = Error - 2015-08-18 14:34:22 | Computer Name = Dom | Source = LoadPerf | ID = 3011 Description = Error - 2015-08-18 14:41:46 | Computer Name = Dom | Source = Perflib | ID = 1008 Description = Error - 2015-08-18 14:41:46 | Computer Name = Dom | Source = Perflib | ID = 1010 Description = Error - 2015-08-18 15:07:21 | Computer Name = Dom | Source = LoadPerf | ID = 3012 Description = Error - 2015-08-18 15:07:21 | Computer Name = Dom | Source = LoadPerf | ID = 3012 Description = Error - 2015-08-18 15:07:21 | Computer Name = Dom | Source = LoadPerf | ID = 3011 Description = Error - 2015-08-18 15:36:00 | Computer Name = Dom | Source = LoadPerf | ID = 3012 Description = Error - 2015-08-18 15:36:00 | Computer Name = Dom | Source = LoadPerf | ID = 3012 Description = Error - 2015-08-18 15:36:00 | Computer Name = Dom | Source = LoadPerf | ID = 3011 Description = Error encountered while reading event logs. < End of report >