OTL Extras logfile created on: 2012-07-10 09:08:47 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\ Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.44 Gb Total Physical Memory | 2.91 Gb Available Physical Memory | 84.56% Memory free 7.06 Gb Paging File | 6.76 Gb Available in Paging File | 95.74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48.83 Gb Total Space | 18.27 Gb Free Space | 37.41% Space Free | Partition Type: NTFS Drive D: | 221.62 Gb Total Space | 221.34 Gb Free Space | 99.88% Space Free | Partition Type: NTFS Drive E: | 195.31 Gb Total Space | 194.93 Gb Free Space | 99.80% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: pc | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03E7175E-1ADB-474A-ADDD-78744DEC2678}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{0432457F-2462-4A2D-803B-A5EA3F464275}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0ACFADF0-10CD-45CF-B9C9-61E62F3A24EE}" = lport=137 | protocol=17 | dir=in | app=system | "{11C96B76-8AC6-4E28-8D44-48877D67DDF2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1D3E9CEC-0231-43A1-86FB-E123ED018087}" = rport=139 | protocol=6 | dir=out | app=system | "{33C397E8-DF08-44EF-86CF-DED9A73761AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{50E1D6A0-B494-40A6-A844-3BE576888598}" = lport=138 | protocol=17 | dir=in | app=system | "{5135C486-E235-4D11-A52D-B42B2C4F2783}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{571D9ECB-F377-4ABC-BD87-FA73391FD5A0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{622CE764-F326-48DA-BC90-977B22C4D1D4}" = rport=138 | protocol=17 | dir=out | app=system | "{70C304AD-D2A3-4926-9746-2354C60C3A71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{AABED9C6-1FD0-417A-B0F0-D849E1CFFF37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ADB131BC-0F50-4CC3-8D29-1A22CD84AB3E}" = lport=139 | protocol=6 | dir=in | app=system | "{B86163F3-AC0B-4CAC-A21D-F8CDB359D7DE}" = rport=137 | protocol=17 | dir=out | app=system | "{B89EB436-0B35-4DEE-9B72-4759697685BC}" = lport=445 | protocol=6 | dir=in | app=system | "{B9972386-525F-40B8-9B9A-DE58D9600006}" = rport=445 | protocol=6 | dir=out | app=system | "{C2CDFF0E-DA3B-4160-A435-2602F4D6DDC0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{E9C60688-A5D0-40D6-9763-FE464BEB9D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{46077021-9994-4539-BA7F-94910008DC36}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{499D8709-EEC1-4FEF-9337-F1CE707B5C1D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5814679F-5450-46DE-8A28-8176129CBFC3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6D728EFC-1751-4E11-A102-D234A9A7320C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{95A89E4E-C570-4F17-BD2F-D652BC48DE0B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "TCP Query User{1BCC02EF-83B3-41C7-B257-DB19B7B33724}E:\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=e:\nowe gadu-gadu\gg.exe | "TCP Query User{72C92282-9AA2-473B-BE17-A7DEFC46A1F8}C:\program files\hoyailink\hoyabus2wacon.exe" = protocol=6 | dir=in | app=c:\program files\hoyailink\hoyabus2wacon.exe | "TCP Query User{B8572074-4D58-46F6-B80E-E5783382E2A9}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{C5CB77A3-D8A0-4EB1-8A20-6D6362F9B00D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{F5FD85B1-00C5-4FF2-A8D2-3517C6AD7C8D}C:\users\pc\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\screamer radio\screamer.exe | "UDP Query User{02F501A4-7F87-414D-BF01-C026F61C4ADF}E:\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=e:\nowe gadu-gadu\gg.exe | "UDP Query User{2A16055D-FAAB-4665-B19F-D4FDEE096D05}C:\users\pc\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\screamer radio\screamer.exe | "UDP Query User{330E0A94-4D50-41BF-9C57-9960B9A664F2}C:\program files\hoyailink\hoyabus2wacon.exe" = protocol=17 | dir=in | app=c:\program files\hoyailink\hoyabus2wacon.exe | "UDP Query User{BC8224D3-1E9F-4C17-AA94-2649697185B3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{CCDDFD63-3043-4B61-B9C9-E02F89B1A7B3}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver "{17FE57E9-08BD-476F-A718-8D9FBB59640B}_is1" = Faktura Small Business "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{69589221-D76E-4C88-8388-A7943C851045}" = Nero 7 Essentials "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = CrowdStar Gamebar "{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBF9E9C-A873-425B-91FC-EC07B4DDF15D}" = Hoyalog AutoUpdate (PL) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish "{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Defraggler" = Defraggler "EXPERTool_is1" = EXPERTool 7.8 "hoya.mystyle-identifier.online" = Hoya MyStyle iDentifier (Online) "HoyaiLink" = HoyaiLink "HOYALOG V6.50" = HOYALOG V6.50 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń "InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.9.0 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 10.0.2 (x86 pl)" = Mozilla Firefox 10.0.2 (x86 pl) "Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9) "NetSurveillance" = NetSurveillance "NFZ-KO_is1" = NFZ-KO 2012.2.0.0 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Rejestracja użytkownika drukarki Canon iP4800 series" = Rejestracja użytkownika drukarki Canon iP4800 series "Super NetSurveillance" = Super NetSurveillance "Vtune_is1" = Vtune 7.4 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = CrowdStar Gamebar Updater [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-09 10:35:47 | Computer Name = pc-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-09 10:38:23 | Computer Name = pc-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-09 10:39:39 | Computer Name = pc-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-09 10:41:10 | Computer Name = pc-PC | Source = System Restore | ID = 8193 Description = Error - 2012-07-09 10:48:03 | Computer Name = pc-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-09 10:55:28 | Computer Name = pc-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-09 10:56:37 | Computer Name = pc-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-10 02:57:56 | Computer Name = pc-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-10 02:59:08 | Computer Name = pc-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-10 03:03:40 | Computer Name = pc-PC | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 2012-07-09 10:55:28 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 10:55:31 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 10:56:37 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-07-09 10:56:37 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-07-10 02:57:50 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-10 02:57:56 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-10 02:57:57 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-10 02:58:04 | Computer Name = pc-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-10 02:59:09 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-07-10 02:59:09 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7026 Description = < End of report >