OTL Extras logfile created on: 2013-01-29 17:52:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kubson\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,98 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,89% Memory free 7,96 Gb Paging File | 6,43 Gb Available in Paging File | 80,79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 38,96 Gb Total Space | 14,42 Gb Free Space | 37,01% Space Free | Partition Type: NTFS Drive D: | 429,69 Gb Total Space | 421,89 Gb Free Space | 98,19% Space Free | Partition Type: NTFS Drive E: | 462,76 Gb Total Space | 461,81 Gb Free Space | 99,79% Space Free | Partition Type: NTFS Drive F: | 3,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KUBSON-KOMPUTER | User Name: kubson | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{001E2463-7BDD-466F-B851-8604B2634718}" = rport=138 | protocol=17 | dir=out | app=system | "{07485E50-B3D0-4B97-BAFE-23113CA8F5F9}" = lport=10243 | protocol=6 | dir=in | app=system | "{093AE7EE-7754-472D-9585-CBA4CA5DEC32}" = lport=2869 | protocol=6 | dir=in | app=system | "{17CD1D61-2D77-4C51-8785-26C6235F8BEC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{287DCB0A-E126-4D61-A5A0-BEC653936A12}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4AE7C3BA-FC6F-4423-AC6C-08B3C75D365D}" = lport=138 | protocol=17 | dir=in | app=system | "{4C54001E-2B48-4B8C-B05B-FD151D03A9E0}" = rport=139 | protocol=6 | dir=out | app=system | "{557E9B93-7C47-47C4-B395-E50D30D141E7}" = rport=137 | protocol=17 | dir=out | app=system | "{652A97F1-D84F-4DAE-8C65-BFDC55301FBC}" = lport=137 | protocol=17 | dir=in | app=system | "{785DA588-C681-4920-942C-622C04D7CF37}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{84008E31-11AF-4F6C-B87C-09E14029D0E9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{94A6D814-5092-479D-9442-744059990DE1}" = lport=445 | protocol=6 | dir=in | app=system | "{9BF45E7D-F90E-4AA0-AEFF-FB157D73D86B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A8158380-4984-4F64-BF8F-2E0CF2B25D08}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AFFA11B0-DFCC-4BBE-B033-A116A010A6BA}" = rport=10243 | protocol=6 | dir=out | app=system | "{B548247B-A725-4B9D-982F-7C9F1213FCD3}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{C4697CA2-F9D7-44EA-BA16-F0A6B7DC9AB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CBC39FE0-C801-4006-A03D-104DE98BAC10}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D3680A1D-981C-4EA6-A0CD-74FC74729F2E}" = lport=139 | protocol=6 | dir=in | app=system | "{D844F9AB-7FE3-473F-A028-4841A86B82E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DDC3B0FD-3B6B-4B49-B905-49B6822901B6}" = rport=445 | protocol=6 | dir=out | app=system | "{E4ADFAB2-A9AD-4C8F-9654-E28AE281B3A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F8BE23AE-B236-40C0-A115-B60D8B3C6730}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FBC9451A-5926-4BA7-ABED-877D4610E6BD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08530DA0-61E4-40A8-83EE-D1B20EF232A3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2587CBB1-F0A4-429F-A719-BB91F1A213B5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2977A2EA-8D50-4A27-B15F-92D9D3680702}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{2E8CC101-D8AC-4FBD-B992-F447250CDA60}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{318DD93F-C6E7-4E74-B4BA-D9349D56FA5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{34DB0AF3-FC50-49B7-92A4-5539C34FDBB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{44EDCAA4-05BF-427B-9677-3A6BE9B8B388}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5CF5D067-1611-40D7-BE4B-406A936F8F9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5D6AC54F-E6C3-4412-BAF8-15EE02F67B88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5F7EE2A5-7D0C-4A3B-8ABB-F8404E48F136}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6F74E367-E51F-477F-93CF-8E9A06FF6A32}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{767494E5-C5F4-431E-9F9F-F2E5D5BE1B2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{80846AC7-F558-4277-A95E-108228135B1A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{841C580F-1BE7-49EE-8347-D5A7AF5E4B5B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{97317AAC-BB6F-45A8-86C5-657157EB53EB}" = protocol=6 | dir=out | app=system | "{A5003121-3FA4-480F-87AA-0D30DEA5D655}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A78FBD89-558F-4963-BF40-20019E1316CB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{B5A8C301-2CE5-4CC9-B676-89752924B4A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C5E91989-06F5-441B-BAF9-287F74948B7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DD38927D-0C7B-421F-8BEB-B3BC979B08EE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F850F0C8-63EA-452A-B0AE-17AE7D1C5B70}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F92435CA-724A-487F-99C7-741F182E361D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{400242AA-643B-4B00-8BD5-B00A121BDAAB}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe | "UDP Query User{7D43D0CC-1B03-4EB5-AA33-63615BB4E858}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "WinRAR archiver" = WinRAR 4.20 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE "{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox "{69438B37-FC57-40E1-BB40-C4C64AC98305}" = AMD OverDrive Beta "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.62 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = ESENT | ID = 455 Description = Windows (3644) Windows: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00012.log. Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 9000 Description = Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 7040 Description = Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 7042 Description = Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 9002 Description = Error - 2013-01-29 12:13:57 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 3029 Description = Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 3029 Description = Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 3028 Description = Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 3058 Description = Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Windows Search Service | ID = 7010 Description = [ System Events ] Error - 2013-01-29 07:17:08 | Computer Name = KUBSON-KOMPUTER | Source = BugCheck | ID = 1001 Description = Error - 2013-01-29 09:49:08 | Computer Name = kubson-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 14:47:28 na ?2013-?01-?29 było nieoczekiwane. Error - 2013-01-29 09:49:09 | Computer Name = KUBSON-KOMPUTER | Source = BugCheck | ID = 1005 Description = Error - 2013-01-29 09:49:09 | Computer Name = KUBSON-KOMPUTER | Source = BugCheck | ID = 1001 Description = Error - 2013-01-29 12:13:33 | Computer Name = kubson-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 17:12:00 na ?2013-?01-?29 było nieoczekiwane. Error - 2013-01-29 12:13:34 | Computer Name = KUBSON-KOMPUTER | Source = BugCheck | ID = 1005 Description = Error - 2013-01-29 12:13:34 | Computer Name = KUBSON-KOMPUTER | Source = BugCheck | ID = 1001 Description = Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error - 2013-01-29 12:13:58 | Computer Name = kubson-Komputer | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-01-29 12:45:04 | Computer Name = kubson-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 17:43:33 na ?2013-?01-?29 było nieoczekiwane. < End of report >