OTL Extras logfile created on: 09-08-2012 11:12:52 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = c:\Users\Bartka\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 2,75 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 58,82% Memory free 5,73 Gb Paging File | 4,33 Gb Available in Paging File | 75,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 244,58 Gb Total Space | 52,48 Gb Free Space | 21,46% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 57,70 Gb Free Space | 26,09% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3410135167-3203327399-1058832732-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-3410135167-3203327399-1058832732-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{17857B9F-8757-4798-8BCE-3273C6CC689F}" = lport=50000 | protocol=6 | dir=in | name=arcavir communicationport (a) | "{57C1C608-BCEA-4511-A289-FCDF2022780C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{849AB457-8C43-49E6-B0AA-0278F5C75C4D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8697EB06-A575-4273-9DA1-9BDC18E77DD7}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{ADD2D5F6-46D1-4B10-BB4B-A4A4E7CB5261}" = lport=50000 | protocol=6 | dir=in | name=arcavir communicationport (a) | "{B2400C2D-E377-4629-8BE7-06EFB1898DF6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C1AC8A85-893F-4C1E-962E-5E29B2670217}" = lport=50001 | protocol=6 | dir=in | name=arcavir communicationport (s) | "{E1E85D5C-C6A1-400B-85E6-FC1DEDEEF048}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{EB1BC7FF-7C5B-4870-AC83-F6ADB5540231}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F4293E6D-C2BA-4078-98C6-668F0394E6C2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F4DB6233-AD31-49C8-8082-338232497374}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{F6369470-94FB-47AF-95D0-A6A34D04F822}" = lport=50001 | protocol=6 | dir=in | name=arcavir communicationport (s) | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3D1257A5-B411-446E-BCD5-9934B5AF30B2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{461891C4-D0EF-4742-8DBD-EFE53D521287}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{4DBD95C1-7191-4A27-AA4E-5A64AE34ADC2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{80022F7D-9FED-4278-ABF3-591C6BF0215C}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{C8C46087-BF3F-4C41-8014-7008A8174C72}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FF590DA5-E2D2-4F54-A4E1-2B250610791E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{23846997-2B47-4F8B-9D28-F12A575EFDD7}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{5BF0AA23-3110-4414-99C8-FEE33D3C459B}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{846EC4BE-A026-455E-BF0D-543475F055D4}C:\users\bartka\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\bartka\appdata\local\facebook\video\skype\facebookvideocalling.exe | "TCP Query User{F1548F98-C853-47B2-9E15-7A21E7D10A4E}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{3F7C0173-9C6B-4937-A1CC-4BFFB91D18E6}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{6214730A-9AD4-409D-9D27-1066DF3F8ADB}C:\users\bartka\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\bartka\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{9BC29919-0779-49EF-B755-FEB2D7142253}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{C820BAA2-5836-480D-B127-12B788E69E17}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001A "{07D4A7C5-C55C-45B5-9E86-D8068D25EF40}" = Fast Track "{0BF3B440-408E-11E1-BA79-F04DA23A5C58}" = Vegas Pro 11.0 "{0C485220-4029-48E7-9F27-965DA4A78D5E}" = Samsung Networking Wizard "{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService "{0F733E11-408E-11E1-B5FE-F04DA23A5C58}" = MSVCRT Redists "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{48494430-A8AB-11E0-939A-005056C00008}" = MSVCRT Redists "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE "{600B9FB0-30A0-11E0-9ABC-005056C00008}" = DVD Architect Studio 5.0 "{670A2206-F20A-490C-8C13-25EA88BF8E54}_is1" = e-pity 2011 wersja 3.0 "{6C398D39-BB35-4AF3-8306-79BEC4AC94A6}_is1" = Listen to YouTube 3.0 "{70376A8D-C6E7-4A61-9E30-42AD268CD45D}_is1" = MagicCamera 7.2.1 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B6FD7A3F-4C98-4B6B-A157-AD21FA57B4EE}" = ArcaVir "{C4B9D1E2-088C-4918-B7C7-DE3F0128367E}_is1" = VoxBox 2.52 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService "{DDBA0DC0-A738-11E0-BF44-005056C00008}" = Vegas Movie Studio HD Platinum 11.0 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F41B3F68-C137-477A-9DD5-E231F512D84F}" = ArcaVir Prerequistes "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FE8CD9C9-7650-4B8D-928A-85D6CAB6CA59}" = Digidesign Pro Tools M-Powered Essential 8.0.2 "1ClickDownloader" = 1ClickDownloader "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ASIO4ALL" = ASIO4ALL "CCleaner" = CCleaner "E9AD3EE8-FDF0-4471-9B76-76709D85E3E6_is1" = Pusia i lew "FL Studio 10" = FL Studio 10 "FormatFactory" = FormatFactory 2.70 "Gadu-Gadu 10" = Gadu-Gadu 10 "GG Tools_is1" = GG Tools "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series "IL Download Manager" = IL Download Manager "Internet Manager" = Internet Manager "Księga Przychodów i Rozchodów" = Księga Przychodów i Rozchodów "Magazyn" = Magazyn "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 15.0 (x86 pl)" = Mozilla Firefox 15.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MultiBiznesmen mała firma" = MultiBiznesmen mała firma "NVIDIA Drivers" = NVIDIA Drivers "Picasa 3" = Picasa 3 "PRO100 wersja 5 Demo_is1" = PRO100 wersja 5 Demo "Q-Typing 1.3_is1" = Q-Typing 1.3 "Recuva" = Recuva "Softonic_English_FF Toolbar" = Softonic English FF Toolbar "ST6UNST #1" = Kadry, Płace i ZUS 4.18.93 - aktualizacja "Totalcmd" = Total Commander (Remove or Repair) "TrueRTA" = TrueRTA "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3410135167-3203327399-1058832732-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 08-08-2012 10:44:45 | Computer Name = user-PC | Source = Google Update | ID = 20 Description = Error - 09-08-2012 03:50:11 | Computer Name = user-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd regsvr32.exe, wersja 6.0.6000.16386, sygnatura czasowa 0x4549b3c7, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18327, sygnatura czasowa 0x4cb73436, kod wyjątku 0xc0000005, przesunięcie błędu 0x00045677, identyfikator procesu 0x1638, godzina rozpoczęcia aplikacji 0x01cd76039a137bc0. Error - 09-08-2012 04:04:04 | Computer Name = user-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 09-08-2012 04:06:33 | Computer Name = user-PC | Source = Google Update | ID = 20 Description = Error - 09-08-2012 04:11:47 | Computer Name = user-PC | Source = Google Update | ID = 20 Description = Error - 09-08-2012 04:17:23 | Computer Name = user-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 09-08-2012 04:17:23 | Computer Name = user-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 09-08-2012 04:34:22 | Computer Name = user-PC | Source = EventSystem | ID = 4609 Description = Error - 09-08-2012 04:48:36 | Computer Name = user-PC | Source = EventSystem | ID = 4609 Description = Error - 09-08-2012 04:50:57 | Computer Name = user-PC | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 23-05-2012 13:43:18 | Computer Name = user-PC | Source = Service Control Manager | ID = 7009 Description = Error - 23-05-2012 13:43:18 | Computer Name = user-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24-05-2012 13:30:31 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 19:29:31 na 2012-05-24 było nieoczekiwane. Error - 24-05-2012 13:31:25 | Computer Name = user-PC | Source = Service Control Manager | ID = 7009 Description = Error - 24-05-2012 13:31:25 | Computer Name = user-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25-05-2012 13:32:26 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 19:29:16 na 2012-05-25 było nieoczekiwane. Error - 25-05-2012 13:33:09 | Computer Name = user-PC | Source = Service Control Manager | ID = 7009 Description = Error - 25-05-2012 13:33:09 | Computer Name = user-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26-05-2012 02:54:39 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 08:43:32 na 2012-05-26 było nieoczekiwane. Error - 26-05-2012 02:55:37 | Computer Name = user-PC | Source = ipnathlp | ID = 31004 Description = Agent proxy DNS nie może przydzielić 0 bajtów pamięci. Może to wskazywać, że w systemie brakuje pamięci wirtualnej lub że menedżer pamięci napotkał błąd wewnętrzny. < End of report >