OTL Extras logfile created on: 2013-03-16 15:08:36 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = F:\ Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 82,94 Gb Free Space | 55,65% Space Free | Partition Type: NTFS Drive D: | 139,28 Gb Total Space | 90,58 Gb Free Space | 65,04% Space Free | Partition Type: NTFS Drive F: | 244,73 Mb Total Space | 203,86 Mb Free Space | 83,30% Space Free | Partition Type: FAT Computer Name: 1-PC | User Name: gggg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-3092393104-1822898777-3802938079-1001\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4233B845-A53C-465D-BA20-3DBCB74871E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{80FFAA84-6753-4D91-91B0-15B7C8CA99F6}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{8EEBA0BD-4345-4F6C-AD10-ACDF497E08B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C325F0A8-0945-46A9-BEED-516FDB98DB89}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{C4B510B5-78D3-470A-974F-D4AA4B2A6D2C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{D97B5B52-D59C-4590-84F9-F8E4491AC115}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{F09BCE95-13F2-42B8-B512-E76E01A13A5A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{F6A7743B-DBE5-4DA2-A5BF-5F4D3A66EE25}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "TCP Query User{0B607243-7BE1-4A21-94A6-532A3ABB8B8A}D:\instalki\r1q2_multi_2\quake2.exe" = protocol=6 | dir=in | app=d:\instalki\r1q2_multi_2\quake2.exe | "TCP Query User{267888A9-157B-402D-A2D0-DEAC5E7EA261}D:\gry\=wolfenstein et=\et.exe" = protocol=6 | dir=in | app=d:\gry\=wolfenstein et=\et.exe | "TCP Query User{7CE93F8B-A91E-4DE1-9017-A6CD60D6BC68}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "TCP Query User{C363B79E-92FF-4DAE-99E0-E64DA01BBB46}D:\gry\empire earth\empire earth\empire earth.exe" = protocol=6 | dir=in | app=d:\gry\empire earth\empire earth\empire earth.exe | "UDP Query User{105331F6-9485-4FF7-B440-D6AA5943AE4E}D:\gry\empire earth\empire earth\empire earth.exe" = protocol=17 | dir=in | app=d:\gry\empire earth\empire earth\empire earth.exe | "UDP Query User{4DFE5B4D-0C2A-4DC7-B6AF-F19D6E785DBD}D:\instalki\r1q2_multi_2\quake2.exe" = protocol=17 | dir=in | app=d:\instalki\r1q2_multi_2\quake2.exe | "UDP Query User{663EA277-F5D2-46F8-8EA4-9F47D12BB649}D:\gry\=wolfenstein et=\et.exe" = protocol=17 | dir=in | app=d:\gry\=wolfenstein et=\et.exe | "UDP Query User{EA408D56-EFC0-4EF9-AF0C-3132FE8580F9}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1 "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries "{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2 "{616B741E-6694-438B-BD02-73A79DE6834C}" = MainConcept MCE Encoder "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{96E2E493-C484-43E3-9B95-D62EE7D40D3A}" = Internet Explorer Toolbar 4.7 by SweetPacks "{9E897D0F-F804-41A3-966C-7BB6EB5B6BE8}" = SpyHunter "{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "CCleaner" = CCleaner "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! "Google Chrome" = Google Chrome "InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "Internet Manager" = Internet Manager "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.4.4 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NVIDIA Drivers" = NVIDIA Drivers "Opera 12.11.1661" = Opera 12.11 "PROHYBRIDR" = 2007 Microsoft Office system "SMSERIAL" = Motorola SM56 Speakerphone Modem "SoftwareUpdUtility" = Download Updater (AOL Inc.) "SynTPDeinstKey" = Synaptics Pointing Device Driver "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "Video Converter" = Video Converter "Video Converter Bundle by SweetPacks" = Video Converter Bundle by SweetPacks "VKMusic 4_is1" = VKMusic 4 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-03-15 09:41:34 | Computer Name = 1-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd Explorer.EXE, wersja 6.0.6001.18164, sygnatura czasowa 0x4907e242, moduł powodujący błąd ntdll.dll, wersja 6.0.6001.18538, sygnatura czasowa 0x4cb733dc, kod wyjątku 0xc0000005, przesunięcie błędu 0x00059648, identyfikator procesu 0x37fc, godzina rozpoczęcia aplikacji 0x01ce2182cb646b00. Error - 2013-03-15 09:41:47 | Computer Name = 1-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd P4P.exe, wersja 1.0.0.16, sygnatura czasowa 0x46b1d397, moduł powodujący błąd P4P.exe, wersja 1.0.0.16, sygnatura czasowa 0x46b1d397, kod wyjątku 0xc0000005, przesunięcie błędu 0x00016034, identyfikator procesu 0x3b64, godzina rozpoczęcia aplikacji 0x01ce2182ce14cd90. Error - 2013-03-15 09:48:51 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-03-15 09:52:02 | Computer Name = 1-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd Explorer.EXE, wersja 6.0.6001.18164, sygnatura czasowa 0x4907e242, moduł powodujący błąd ntdll.dll, wersja 6.0.6001.18538, sygnatura czasowa 0x4cb733dc, kod wyjątku 0xc0000005, przesunięcie błędu 0x00059600, identyfikator procesu 0x1674, godzina rozpoczęcia aplikacji 0x01ce21844218a728. Error - 2013-03-15 10:12:33 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-03-15 14:33:26 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-03-15 14:57:42 | Computer Name = 1-PC | Source = EventSystem | ID = 4609 Description = Error - 2013-03-15 15:00:03 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-03-15 16:04:51 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-03-15 17:21:08 | Computer Name = 1-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-03-16 06:56:29 | Computer Name = 1-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2013-03-16 06:56:29 | Computer Name = 1-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2013-03-16 06:56:43 | Computer Name = 1-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2013-03-16 09:49:44 | Computer Name = 1-PC | Source = DCOM | ID = 10010 Description = Error - 2013-03-16 09:53:07 | Computer Name = 1-PC | Source = DCOM | ID = 10010 Description = Error - 2013-03-16 10:03:21 | Computer Name = 1-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 15:02:03 na 2013-03-16 było nieoczekiwane. Error - 2013-03-16 10:03:25 | Computer Name = 1-PC | Source = HTTP | ID = 15016 Description = Error - 2013-03-16 10:04:38 | Computer Name = 1-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2013-03-16 10:04:56 | Computer Name = 1-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2013-03-16 10:04:56 | Computer Name = 1-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >