OTL Extras logfile created on: 2012-09-02 13:18:02 - Run 1 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\bartek\Downloads Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,96 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 72,74% Memory free 4,16 Gb Paging File | 3,75 Gb Available in Paging File | 90,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 218,20 Gb Total Space | 131,86 Gb Free Space | 60,43% Space Free | Partition Type: NTFS Drive E: | 14,65 Gb Total Space | 7,53 Gb Free Space | 51,41% Space Free | Partition Type: NTFS Computer Name: BARTEK-PC | User Name: bartek | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-3564921943-826427564-3872245084-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{478F4C8C-E886-4A3E-82D4-55713C839AE0}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{10689D48-62DB-4533-B293-375FA080284F}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base19132\sc2.exe | "{13464405-2DDF-4018-840B-88D61EE01B76}" = protocol=17 | dir=in | app=c:\program files\cake poker 2.0\pokerclient.exe | "{1549A11A-FF55-4EB6-B772-A660308C9E24}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base19132\sc2.exe | "{2316F73E-0232-476C-8C80-382C74499A0F}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl11b\faxrx.exe | "{7A40A6C0-791E-4EC3-89B4-D8D62C0C3D98}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{8150754C-9E6E-4412-88F3-6BE17AC79D69}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | "{9A86E1B1-7D40-4C24-BE62-6CF42E65CDF8}" = protocol=6 | dir=in | app=c:\program files\cake poker 2.0\pokerclient.exe | "{A1B138AC-8058-4E51-8C49-AA21F23EB073}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{AE499943-5E2F-4621-818B-26056C6174FA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{BB0AC0CD-82EC-4A63-8941-F1BB9C579817}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{C9D7A049-943B-43FB-8575-C7215CDA9841}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "{DBA7AD92-7DB4-4382-BB34-D27586EFDA03}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl11b\faxrx.exe | "{E5B3E275-2B6C-40AC-BBA3-ED7A5B0002E7}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | "{FE0DB147-FDA4-4EF7-9C88-2946AF0EEFB3}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | "TCP Query User{1A0EDF0B-89D3-4270-A74A-A909497BEDE9}C:\users\bartek\downloads\scp\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\bartek\downloads\scp\starcraft\starcraft.exe | "TCP Query User{2827066B-9F71-492B-A2B9-BA4FE19D8873}C:\users\bartek\desktop\qiiiarena1.32\qiiiarena1.32\quake 3\quake3.exe" = protocol=6 | dir=in | app=c:\users\bartek\desktop\qiiiarena1.32\qiiiarena1.32\quake 3\quake3.exe | "TCP Query User{9AA1FC48-A224-4BA4-86A7-948D507BF990}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{D6C303B3-6E83-49D7-B159-86E2A1254023}C:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe | "TCP Query User{E0AACFFD-1DFE-414F-A3C1-F04DED18DADB}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | "TCP Query User{FB19905C-C324-4865-8DD4-C13654571AA5}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{1F0FDB70-8D6F-48E0-A013-698BD0343BE4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{2CDDCDED-CF0B-4E73-AB04-DCF6CAA14D97}C:\users\bartek\downloads\scp\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\bartek\downloads\scp\starcraft\starcraft.exe | "UDP Query User{63358C8F-C03A-4938-A317-0413814D0DC5}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | "UDP Query User{D7B39293-767F-4444-A176-B29B6C6D0D30}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{DD4857AF-2DD2-485C-BA28-B25AEC432FB0}C:\users\bartek\desktop\qiiiarena1.32\qiiiarena1.32\quake 3\quake3.exe" = protocol=17 | dir=in | app=c:\users\bartek\desktop\qiiiarena1.32\qiiiarena1.32\quake 3\quake3.exe | "UDP Query User{DE664656-9EFB-4841-91E8-0B8C3EC497BA}C:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{155796AE-16D0-45D2-8939-6AE3AD67147B}" = ACR38U PCSC Driver 1.1.6.1 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E8444C5-766E-4f4d-82F8-BB83E2FBB42A}" = HP Deskjet F2200 All-In-One Driver 10.0 Rel .3 "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.24 "{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer "{6FCEBA1E-B484-4972-883F-E2B99A12758E}" = Norma Pro "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{830F55B6-4398-4B72-A0D8-66397B902C0E}" = Brother MFL-Pro Suite MFC-J5910DW "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3 "{B96A7F3B-AF29-489A-AE84-1DDF5942971C}" = proCertum CardManager "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}" = Nuance PaperPort 12 "{E80B3FB7-DAB0-40E9-B256-98D8FF8C1EA9}" = proCertum SmartSign "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "5B693A45377E76C1C6F833AC636C5D61522090CB" = Pakiet sterowników systemu Windows - ACS (ACSSCR) SmartCardReader (06/15/2009 1.1.6.1) "AC3Filter_is1" = AC3Filter 1.63b "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "blueconnect" = blueconnect "Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility "Firebird SQL Server UK" = Firebird SQL Server - MAGIX Edition (UK) "KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.0 (Full) "MAGIX Music Maker 12 silver UK" = MAGIX Music Maker 12 silver (UK) "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter "Mozilla Firefox 15.0 (x86 pl)" = Mozilla Firefox 15.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "PokerStars.eu" = PokerStars.eu "PokerTracker3" = PokerTracker 3 (remove only) "RealAlt_is1" = Real Alternative 1.9.0 "unibetpoker (Poker)" = Unibet "WinRAR archiver" = Archiwizator WinRAR "WPTPoker" = WPT Poker [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3564921943-826427564-3872245084-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-09-01 15:25:35 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-01 15:26:11 | Computer Name = bartek-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-09-01 15:31:00 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-01 15:31:12 | Computer Name = bartek-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-09-01 15:43:09 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-01 15:45:31 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-01 15:55:11 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-01 15:55:18 | Computer Name = bartek-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-09-02 06:53:00 | Computer Name = bartek-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-02 06:53:07 | Computer Name = bartek-PC | Source = WinMgmt | ID = 10 Description = [ Broadcom Wireless LAN Events ] Error - 2012-09-01 10:05:32 | Computer Name = bartek-PC | Source = WLAN-Tray | ID = 0 Description = 16:05:32, Sat, Sep 01, 12 Error - Unable to get current user admin status [ System Events ] Error - 2012-09-01 10:04:29 | Computer Name = bartek-PC | Source = HTTP | ID = 15016 Description = Error - 2012-09-01 10:05:13 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:05:13 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:05:13 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:08:40 | Computer Name = bartek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:07:19 na 2012-09-01 było nieoczekiwane. Error - 2012-09-01 10:08:46 | Computer Name = bartek-PC | Source = HTTP | ID = 15016 Description = Error - 2012-09-01 10:09:29 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:09:29 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:09:29 | Computer Name = bartek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-09-01 10:10:36 | Computer Name = bartek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:08:41 na 2012-09-01 było nieoczekiwane. < End of report >