OTL Extras logfile created on: 2013-01-11 09:49:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lucyna\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,92 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 41,26% Memory free 5,83 Gb Paging File | 4,05 Gb Available in Paging File | 69,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297,99 Gb Total Space | 253,31 Gb Free Space | 85,01% Space Free | Partition Type: NTFS Computer Name: LUCYNA-KOMPUTER | User Name: koala | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2378946254-2719399970-649331198-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-2378946254-2719399970-649331198-1005\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03A3A2C0-057A-4BCE-9501-83B8DD49F682}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{0672B475-0033-4CA4-8534-893C43224824}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{07B7795C-3D31-4C34-92F4-4723E2482736}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1D6489CB-5005-4244-9842-749C31FE5862}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{1DA0EAA1-E8CD-4642-A073-0FBB87FEDCC2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1F50ABAB-1542-43F3-A76F-F3ED6EE8761A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1FB7066C-7D21-414C-98F6-04EA0958FD43}" = rport=10243 | protocol=6 | dir=out | app=system | "{20A72AA0-A360-4DC4-92E9-3307DBF0B2EB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{22AB3C8B-1000-40DC-B5F9-2F40AAB66454}" = lport=10243 | protocol=6 | dir=in | app=system | "{28D946B4-DF2F-4BC8-AED5-21983BA0A439}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{378D89BF-2629-43BB-BA6F-EE51212A8952}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3A3EA84F-4B9D-4EC5-B54B-FB13A8ADC46D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3B837D57-1933-4551-A008-2637571EEC4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3D83F663-9B8B-49B9-AA5F-064A0DDEEC71}" = lport=2869 | protocol=6 | dir=in | app=system | "{3DDA2BAF-E8FD-443E-AAF7-AE3B1DB1EB9E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{41E0D0BD-E85A-4E6E-A341-14825E9211DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{42FB263C-BB67-4460-A324-D8A14D9B35B2}" = lport=139 | protocol=6 | dir=in | app=system | "{5BB3B407-3249-4601-B112-BB8E855C3975}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{62DE9B29-F3BE-45A0-A1B8-2DF591B038E1}" = rport=138 | protocol=17 | dir=out | app=system | "{6A195071-F0C3-4411-BB8A-97B0D9E22747}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{70864163-2678-49CF-A65A-2C5D8901ABF6}" = rport=445 | protocol=6 | dir=out | app=system | "{7AAD5C02-4C58-44E9-98D4-8399928F23F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{83A9CC02-02C8-4D8B-ACC0-CFAAECB1E24E}" = lport=445 | protocol=6 | dir=in | app=system | "{A6689593-675C-41A7-87C8-A8A67483CFFF}" = rport=137 | protocol=17 | dir=out | app=system | "{A7977FC7-2F06-4855-B688-C9263704B291}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B42EDE69-4E2B-4F1E-92F7-F16C64DF190B}" = rport=139 | protocol=6 | dir=out | app=system | "{BDC19B9D-D771-4933-92AA-ACA486C6BB21}" = lport=137 | protocol=17 | dir=in | app=system | "{C5924339-2AA0-411D-904B-C6804344100C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D136474D-8350-4AC8-9027-D045C5C55AA8}" = lport=138 | protocol=17 | dir=in | app=system | "{D6338690-547F-4E2B-9F40-22F467F440A2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DFD19110-6F83-4FC5-BC12-D9D180C58F9C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E3A9CC20-2D36-4780-AEB9-76C9F777BB8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{001DA69D-964C-4414-AD96-6A5A970E4389}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0188C915-C6D6-4E4B-AE20-753995484F0C}" = protocol=17 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | "{01A5D615-A61A-41D6-B613-679CCD3A3063}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{036CC3AD-377A-4B6B-8811-1A7B7974B92F}" = protocol=6 | dir=in | app=c:\program files\avg\avg8\avgam.exe | "{0BC8201A-DAB4-4E36-944F-76367D2E729D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{13B64DA8-BC59-42F9-8423-8D58F6B0D49D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B93318B-2C67-45AA-AFCC-191F72184535}" = protocol=6 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | "{2F618526-3425-40CF-BD86-C4AA795EDAF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6530EA35-8FA1-461E-81CA-2C4D6A432832}" = protocol=17 | dir=in | app=c:\program files\avg\avg8\avgam.exe | "{6DA66848-1E2D-490C-AA2E-F4759C5F3158}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{724EA6DA-442E-427A-ACCD-F8315C046149}" = protocol=6 | dir=out | app=system | "{76F0E950-7B4F-4866-81FC-7AA0904193E1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7BDC9CC8-6A35-482B-8605-10961966A95D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{963F915B-91C7-4091-A7C0-EDE7993DE192}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9A72ADC9-E235-4B25-9A5B-A792CE620CBE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{9CD1FE98-16A8-45AA-AA1E-27C042DE1C79}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A4FC37B4-88DB-487B-B295-7FEB46BC3054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{B72C0BC6-1FA4-42A0-903F-497BAC2F4E54}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B78DAD7F-CC6B-415B-BB11-60BE91C718EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C1D762B9-54C9-4D06-A75B-478D0AAA8DE9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D45B5D89-58CA-407C-B11D-16CB60C1F744}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D4FE0434-F548-47F3-B589-C4AC018F53F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D584B567-EA37-4DF5-A5DB-3BE15BE496B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D9859192-267F-4122-BD19-94C3BA03048A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EAFACD09-A81C-4C3E-B037-F616B4032357}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F4EC0A01-5334-4ED0-803E-ABE0A1C3B96D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{9B438CBA-A555-42E8-A4A9-305A427F12E4}C:\users\lucyna\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | "TCP Query User{A795E87A-A085-49B9-B08D-8A7547CA1BA7}C:\users\lucyna\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | "TCP Query User{F48D50C4-BCDC-41AA-AD67-677661BA9784}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{626529EC-E804-4375-8545-782ECA345DDF}C:\users\lucyna\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | "UDP Query User{ABC33F71-D2AA-4669-9EDD-A6770A027994}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{BD13D277-8696-4133-8BC7-3D091F644AA6}C:\users\lucyna\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\lucyna\downloads\utorrent.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Lenovo Bluetooth with Enhanced Data Rate Software "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.2 "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI "{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "ENTERPRISE" = Microsoft Office Enterprise 2007 "Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "N360" = Norton 360 "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "PLAY ONLINE" = PLAY ONLINE "SynTPDeinstKey" = Synaptics Pointing Device Driver "uTorrent" = µTorrent "WinRAR archiver" = WinRAR 4.10 (32-bit) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2378946254-2719399970-649331198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "Google Chrome" = Google Chrome [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2378946254-2719399970-649331198-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-10 05:14:41 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 07:09:54 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 09:03:50 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 11:05:03 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 13:42:39 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 15:36:39 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 17:33:54 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-10 19:24:27 | Computer Name = lucyna-Komputer | Source = Desktop Window Manager | ID = 9020 Description = Menedżer okien pulpitu napotkał błąd krytyczny (0x80070008). Error - 2013-01-10 19:39:14 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-01-11 03:39:33 | Computer Name = lucyna-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2013-01-10 09:02:09 | Computer Name = lucyna-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 14:00:06 na ?2013-?01-?10 było nieoczekiwane. Error - 2013-01-10 09:02:14 | Computer Name = LUCYNA-KOMPUTER | Source = BugCheck | ID = 1001 Description = Error - 2013-01-10 10:54:30 | Computer Name = lucyna-Komputer | Source = DCOM | ID = 10010 Description = Error - 2013-01-10 10:56:15 | Computer Name = lucyna-Komputer | Source = DCOM | ID = 10001 Description = Error - 2013-01-10 15:32:09 | Computer Name = lucyna-Komputer | Source = DCOM | ID = 10010 Description = Error - 2013-01-10 15:34:59 | Computer Name = lucyna-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:33:49 na ?2013-?01-?10 było nieoczekiwane. Error - 2013-01-10 15:35:04 | Computer Name = lucyna-Komputer | Source = BugCheck | ID = 1001 Description = Error - 2013-01-10 17:26:19 | Computer Name = lucyna-Komputer | Source = DCOM | ID = 10010 Description = Error - 2013-01-10 17:32:14 | Computer Name = lucyna-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 22:27:51 na ?2013-?01-?10 było nieoczekiwane. Error - 2013-01-10 19:37:39 | Computer Name = LUCYNA-KOMPUTER | Source = BugCheck | ID = 1001 Description = < End of report >