OTL Extras logfile created on: 2012-03-04 17:31:33 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Administrator\Desktop Windows Vista Server Standard Edition (full installation) Service Pack 2 (Version = 6.0.6002) - Type = NTServer Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,75 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 61,84% Memory free 3,76 Gb Paging File | 3,14 Gb Available in Paging File | 83,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 38,69 Gb Free Space | 79,24% Space Free | Partition Type: NTFS Drive D: | 62,95 Gb Total Space | 3,37 Gb Free Space | 5,36% Space Free | Partition Type: NTFS Computer Name: WIN-TIT899W5KN4 | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [foobar2000.enqueue] -- "C:\Program Files\foobar2000\foobar2000.exe" /add "%1" () Directory [foobar2000.play] -- "C:\Program Files\foobar2000\foobar2000.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 1 "DefaultInboundAction" = 1 "DefaultOutboundAction" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0FFFAB79-7F4F-4B98-A932-672938B3CB08}" = lport=139 | protocol=6 | dir=in | app=system | "{17D4893A-094F-42A2-B1AF-C28E64D70409}" = rport=138 | protocol=17 | dir=out | app=system | "{1E708C1C-9B58-4FF3-A532-C32A57678378}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1F546C7C-F8ED-4698-BD60-CF3F50FEB81F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{28418B1E-78A7-4F69-92E8-16DC1EA33509}" = lport=139 | protocol=6 | dir=in | app=system | "{2F25E74E-B6B6-4685-9DEF-5F2723F13A49}" = rport=137 | protocol=17 | dir=out | app=system | "{384F3244-19B0-42F7-AB4F-3000858B4654}" = lport=137 | protocol=17 | dir=in | app=system | "{43315207-EF55-4A7A-A8B3-AC84754EA95A}" = rport=139 | protocol=6 | dir=out | app=system | "{59C027F0-F049-4F67-AE79-2E5F2FA51B88}" = lport=137 | protocol=17 | dir=in | app=system | "{5C483B76-EF80-4A2B-9FC5-DF78267D1AFC}" = lport=445 | protocol=6 | dir=in | app=system | "{5D685B43-0815-4712-BDBE-009B251891CC}" = lport=138 | protocol=17 | dir=in | app=system | "{60418AA4-93DF-4E09-A6F1-496996B42B1D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{61083197-4C60-422E-BF5D-3C1419CD4A6C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{66C709DD-D463-4C1F-9E3C-BF4948BFC686}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6AB487E5-4193-4A08-BC11-79CBA8595465}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6CB6E591-F13C-4FF8-A65B-090FCA0E85FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{872CD0D3-2214-42B2-8E4B-98D4A74D363C}" = lport=138 | protocol=17 | dir=in | app=system | "{8A4C4937-158F-4BAF-AED6-86474C20F49E}" = rport=445 | protocol=6 | dir=out | app=system | "{8DCF6D30-67B6-41AD-8954-E61B416B3153}" = rport=139 | protocol=6 | dir=out | app=system | "{95400B42-29F5-4A77-93A3-9CDE219DA0DC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9701E172-F2F4-4914-B1D4-D29B4C8028C6}" = lport=137 | protocol=17 | dir=in | app=system | "{A0656B8E-2D32-4259-A796-C7C85CBB1D11}" = rport=5357 | protocol=6 | dir=out | app=system | "{A176764D-1BD8-4BA7-8CB1-6824049C262C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A3AC10FD-BE83-4BD6-BB20-2DBE5755AD1B}" = lport=2869 | protocol=6 | dir=in | app=system | "{A61D5EB6-CB02-418E-8AC2-3D10434D442A}" = rport=5358 | protocol=6 | dir=out | app=system | "{B313F1D4-B2DE-45F3-8B31-86D7B3D3E65C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{B7FE9C3C-C7E1-4A39-8E3D-DECA3FB2A31F}" = rport=137 | protocol=17 | dir=out | app=system | "{BBADA7D4-B62A-400A-848F-E60CF6D63CE3}" = rport=445 | protocol=6 | dir=out | app=system | "{CBF6DC29-C7F8-460D-9B3F-73603B0C06E3}" = rport=137 | protocol=17 | dir=out | app=system | "{CEA2AECD-9F4E-490C-AC2C-63B5CB8B5281}" = lport=445 | protocol=6 | dir=in | app=system | "{CFD42AC4-8E85-486B-9BE7-BB4106FDDBF7}" = rport=138 | protocol=17 | dir=out | app=system | "{D88A274B-7A69-4168-B4D7-C4485BF01E7C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{DE21BD94-F950-41AE-BFB6-E5ABD1D48928}" = lport=138 | protocol=17 | dir=in | app=system | "{E72931D8-AD86-473E-B6FF-CA024533DF63}" = rport=138 | protocol=17 | dir=out | app=system | "{F67ED46E-1D63-402C-B795-941E9DA0F7A6}" = lport=5357 | protocol=6 | dir=in | app=system | "{FD43DA84-2D48-4366-B418-A82BC9389E7B}" = lport=5358 | protocol=6 | dir=in | app=system | "{FED634BD-C7C5-4CEE-AEFD-E8CFD0A3CB7E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{020BB450-837F-4C58-A3D8-F83B6403CE68}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{0E0D92C3-0EBF-4722-8A64-A80F38C6400D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{11B051D6-2C1A-46DB-A8AA-8BDCED522E68}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{26381F0B-DE37-43EF-BF6A-39BBA03B5BAE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2BDD8FA2-36B3-4679-936B-E1D5600B69CE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{546D3808-D275-4D3C-892D-68B14F09B460}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6A9BB1FD-11F8-4310-AA8E-9DB759B78D96}" = protocol=6 | dir=out | app=system | "{6E405B49-F293-450E-BE6E-D920205B6529}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A72174BD-1F69-427D-897B-0B3AFAF0538D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C33484FF-FAC9-4759-B67C-17DC89B36B72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{ECEF8418-DB65-4877-A27C-D781355A3E0D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FC44A139-2A34-4C2C-8D3E-B6F1CBFC5EE2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{63F8286A-601D-4B06-BB21-DB863AF17BFA}" = HotKey_Driver "{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security "Chrome9HC" = VIA Chrome9 HC IGP Family Display "foobar2000" = foobar2000 v1.1.10 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń "Opera 11.50.1074" = Opera 11.50 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4013617045-3506206116-1533852936-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-03-03 14:07:42 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x654, godzina rozpoczęcia aplikacji 0x01ccf968865217c6. Error - 2012-03-03 14:09:18 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x4ec, godzina rozpoczęcia aplikacji 0x01ccf968c02a4554. Error - 2012-03-03 14:11:17 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x798, godzina rozpoczęcia aplikacji 0x01ccf969058a121e. Error - 2012-03-03 14:12:06 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x788, godzina rozpoczęcia aplikacji 0x01ccf96921cbb0c2. Error - 2012-03-03 14:13:30 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x7f8, godzina rozpoczęcia aplikacji 0x01ccf969564dbade. Error - 2012-03-03 14:26:47 | Computer Name = WIN-TIT899W5KN4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd RtWLan.exe, wersja 500.1491.627.2007, sygnatura czasowa 0x46834304, moduł powodujący błąd Wlanapi.dll, wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed, identyfikator procesu 0x7d0, godzina rozpoczęcia aplikacji 0x01ccf96b3002f4be. [ System Events ] Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 2012-03-03 17:32:09 | Computer Name = WIN-TIT899W5KN4 | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 2012-03-03 18:21:32 | Computer Name = WIN-TIT899W5KN4 | Source = Service Control Manager | ID = 7000 Description = Error - 2012-03-04 10:48:26 | Computer Name = WIN-TIT899W5KN4 | Source = Service Control Manager | ID = 7000 Description = < End of report >