OTL Extras logfile created on: 2012-05-05 15:18:22 - Run 1 OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Lenovo\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,96 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 37,21% Memory free 3,92 Gb Paging File | 2,50 Gb Available in Paging File | 63,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,20 Gb Total Space | 3,34 Gb Free Space | 11,46% Space Free | Partition Type: NTFS Drive D: | 203,59 Gb Total Space | 50,92 Gb Free Space | 25,01% Space Free | Partition Type: NTFS Drive F: | 7,39 Gb Total Space | 7,33 Gb Free Space | 99,19% Space Free | Partition Type: FAT32 Computer Name: LENOVO-KOMPUTER | User Name: Lenovo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03A4C2B9-A2FB-4CD7-A61D-187CD32BA1A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{086A3D62-7CE3-41D6-8F2F-165BA1E510E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{139FB945-8B86-4A38-B2C8-A7AC7E1FCF78}" = lport=138 | protocol=17 | dir=in | app=system | "{2F42A5A6-BD3E-4F5F-B627-5CEB86A4A2C0}" = rport=445 | protocol=6 | dir=out | app=system | "{37FF0BDB-F52A-4B7B-BC56-17C13C89EA0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5178706C-8B13-48ED-9B65-50AD69AFAA44}" = rport=10243 | protocol=6 | dir=out | app=system | "{6EC2B1CF-84AC-4E87-88A3-E1FB97BE5596}" = lport=139 | protocol=6 | dir=in | app=system | "{732D3BC8-8BDD-494F-A2BD-0E30BABD411B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{79736B54-F444-469C-A8C2-5ACD3EA6B3B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80AD9086-DC74-45A1-816E-9386D80491AB}" = lport=445 | protocol=6 | dir=in | app=system | "{88C8CA3A-7BBF-4343-8D43-8B0FB2DC1288}" = lport=137 | protocol=17 | dir=in | app=system | "{917086B7-732A-4788-B093-FC52CB6CE757}" = rport=138 | protocol=17 | dir=out | app=system | "{99B15801-8AF2-480E-A68A-EDB7ED1E0CA9}" = rport=139 | protocol=6 | dir=out | app=system | "{9D993394-D0D0-4582-93DF-78E41756C122}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A7C129DF-C34B-4488-8225-8A7B4A19C5EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ABE4D1C1-4881-4FCF-9753-70E48314ECCD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C2C3068A-FD0E-4861-8266-2E23BC92A110}" = rport=137 | protocol=17 | dir=out | app=system | "{CB97F064-08ED-47E8-ABD0-C19A7E8A3A4D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D709D7C9-253E-4A38-B157-21011CE5D363}" = lport=10243 | protocol=6 | dir=in | app=system | "{F5D5A799-4B57-4B87-A889-E59F0D77FA46}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F8315F43-4814-4FFE-993B-F2BCADB42A1C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FA4AA259-9F32-41D5-B7C5-957C3C3192F4}" = lport=2869 | protocol=6 | dir=in | app=system | "{FD71C189-939E-40AD-8CDD-A4E8A764133D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1FF91588-BA0D-42DB-948A-2CD83C284269}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2C7C7B46-7CE8-4F3E-B502-49B511B81097}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2ECA59D6-FD72-4BB7-B27E-E3F9322AAC8C}" = dir=in | app=c:\program files\powerdvd10\powerdvd10\powerdvd9.exe | "{313654BE-EED0-4446-A528-380F8361C613}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{31C653F7-9071-4881-8CE1-F70EE25FB5F2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{34059E24-0FA5-42A8-9D0D-A0CD1B572912}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3A7B7F75-06A1-491F-A932-4210F4D63F59}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{56D2839F-28F1-4BD1-AA8A-C2F99313B65E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{56E633DC-DAB1-4EC5-9B7F-2DBD4AD40C4D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{63DC9A72-BADB-4F75-8780-4531E4C7003B}" = protocol=6 | dir=out | app=system | "{6AD99C0B-530F-4AB7-8F00-3DA44806123D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{71184985-5A55-4834-8200-DA596B6674BC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7C11E13F-BEE9-4866-A9A2-2FD6E5A300A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{97F68FE1-0009-460C-BE41-D70A983A9AAB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AD1CD591-BC16-4700-842E-30E8B492308C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BA02BFAA-B778-464B-B948-6046180883C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C8705DBD-C764-4084-AB95-74043FFDB746}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D29E52B8-CB02-4FFE-BCDF-A7001A1A427C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EB580C3D-7E96-4645-8AA5-DF3A516ED730}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EEDFF825-1467-46B2-A0E4-973F40473212}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F11A0543-44C7-4A43-B2DA-795C466F216E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{F56D4920-F509-4565-8F16-9DCF1AF5521F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FACBA14E-2CF2-4D5D-BDEB-9AE147D96383}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FC982773-6215-4B2E-853C-4E3075A1EF3B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "TCP Query User{81C46302-AD77-40BE-8AA5-F3DF82C890B8}D:\games\half-life\half-life\hl.exe" = protocol=6 | dir=in | app=d:\games\half-life\half-life\hl.exe | "TCP Query User{DCE3A23D-C00B-4DF7-B377-766432B02CED}D:\games\half-life\half-life\hlds.exe" = protocol=6 | dir=in | app=d:\games\half-life\half-life\hlds.exe | "UDP Query User{45DF6BC6-022A-476B-8E6B-BA21AE9904C0}D:\games\half-life\half-life\hlds.exe" = protocol=17 | dir=in | app=d:\games\half-life\half-life\hlds.exe | "UDP Query User{C3067996-CC92-426F-B005-3F2DBC69E3F4}D:\games\half-life\half-life\hl.exe" = protocol=17 | dir=in | app=d:\games\half-life\half-life\hl.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29 "{2F8FEB9F-0022-4F67-B88E-BF888ACC912D}_is1" = Ad Muncher version 4.91 Build 32562 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8 "{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = WIDCOMM Bluetooth Software "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "72A50F48CC5601190B9C4E74D81161693133E7F7" = Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 7.01.0.9) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.11 "avast" = avast! Free Antivirus "BSPlayerp" = BS.Player PRO "CNXT_AUDIO_HDA" = Conexant HD Audio "Counter-Strike 1.6 [PL] SznaJK3r" = Counter-Strike 1.6 [PL] SznaJK3r "E0AC723A3DE3A04256288CADBBB011B112AED454" = Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 4.7) "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Half-Life" = Half-Life "Hardlock Device Drivers" = Hardlock Device Drivers "KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Standard) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "Mozilla Thunderbird 11.0.1 (x86 pl)" = Mozilla Thunderbird 11.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 1812) "Nokia PC Suite" = Nokia PC Suite "PC Tools Utilities_is1" = PC Tools Performance Toolkit 2.0 "Red Alert 2" = Command & Conquer Red Alert 2 "RocketDock_is1" = RocketDock 1.3.5 "uTorrent" = µTorrent "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-05-05 02:27:04 | Computer Name = Lenovo-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2012-05-05 02:29:32 | Computer Name = Lenovo-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-05-05 02:38:51 | Computer Name = Lenovo-Komputer | Source = DMDefragService | ID = 0 Description = Error - 2012-05-05 02:53:17 | Computer Name = Lenovo-Komputer | Source = DMDefragService | ID = 0 Description = Error - 2012-05-05 02:56:10 | Computer Name = Lenovo-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2012-05-05 02:57:40 | Computer Name = Lenovo-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-05-05 08:43:07 | Computer Name = Lenovo-Komputer | Source = VSS | ID = 8194 Description = Error - 2012-05-05 08:47:36 | Computer Name = Lenovo-Komputer | Source = Winlogon | ID = 4103 Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error - 2012-05-05 08:49:01 | Computer Name = Lenovo-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-05-05 08:52:14 | Computer Name = Lenovo-Komputer | Source = VSS | ID = 8194 Description = [ System Events ] Error - 2012-02-09 00:19:23 | Computer Name = Lenovo-Komputer | Source = DCOM | ID = 10001 Description = Error - 2012-02-09 04:36:54 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-02-09 12:51:38 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-02-09 13:27:06 | Computer Name = Lenovo-Komputer | Source = volsnap | ID = 393252 Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error - 2012-02-09 13:40:45 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-02-09 14:08:42 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-02-09 18:03:08 | Computer Name = Lenovo-Komputer | Source = DCOM | ID = 10005 Description = Error - 2012-02-09 18:03:08 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-02-09 21:57:24 | Computer Name = Lenovo-Komputer | Source = DCOM | ID = 10001 Description = Error - 2012-02-10 03:29:11 | Computer Name = Lenovo-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Windows Image Acquisition (WIA) zależy od usługi Wykrywanie sprzętu powłoki, której nie można uruchomić z powodu następującego błędu: %%1058 < End of report >