OTL Extras logfile created on: 2012-08-13 21:29:30 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Piotrek\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1013,81 Mb Total Physical Memory | 482,23 Mb Available Physical Memory | 47,57% Memory free 2,24 Gb Paging File | 1,84 Gb Available in Paging File | 82,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 92,21 Gb Total Space | 48,17 Gb Free Space | 52,24% Space Free | Partition Type: NTFS Drive D: | 22,51 Gb Total Space | 7,92 Gb Free Space | 35,19% Space Free | Partition Type: NTFS Drive E: | 22,61 Gb Total Space | 12,07 Gb Free Space | 53,38% Space Free | Partition Type: NTFS Computer Name: PIOTREK-PC | User Name: Piotrek | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-3920968175-468477757-287155869-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1BD3F946-2A62-4925-9C61-71FC38FFB010}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{3CC5E4AC-05BF-49AC-A1B1-9004E1B51B2D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4DA404F5-B72A-4B2D-AE42-7FEFAE52BE05}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{8F66AAC5-9634-4095-8FB2-A23EF66B3A3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D222177B-B534-41EA-9B47-060F8EB3EB5F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{DCE999BE-0BC0-4BD1-A7A2-96DDC9AB9F76}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{FEFF9E4F-6EE3-48A5-A88E-6EF3DB107FFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CFAD50B-FD90-48A9-9623-B14208AF9DE5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{24814EEE-49BE-431F-825B-8A1D0EDB006D}" = protocol=6 | dir=in | app=c:\program files\bitspirit\bitspirit.exe | "{55CD4C77-159D-4930-90D6-6B5934C21E7A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{922B5797-1056-4D8A-BFEF-2B3427D0D635}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{9B82D4DC-BEFE-4EA5-837E-78685333491E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{CB424058-37EE-48C3-B9D5-B3C2B9F58746}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D3CDAAB5-DAAC-45C3-AB91-8D42F3284D50}" = protocol=17 | dir=in | app=c:\program files\bitspirit\bitspirit.exe | "{F018A632-13AA-486F-89A6-51A693083076}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{373A5A6D-A083-44BB-A189-4B781BBF829E}E:\===[ pc games ] - age of empires ii(full)\empires2.exe" = protocol=6 | dir=in | app=e:\===[ pc games ] - age of empires ii(full)\empires2.exe | "TCP Query User{5FE0FEA9-25FF-4C67-B8F4-F0342EE7DDE0}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{6F806A46-192B-49B2-9F1E-B7A45A79BB5B}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{EE48222A-CE04-428C-A689-020017BCB6CD}E:\===[ pc games ] - age of empires ii(full)\empires2.exe" = protocol=6 | dir=in | app=e:\===[ pc games ] - age of empires ii(full)\empires2.exe | "UDP Query User{6800663F-B94A-47E5-8BF7-BF2113FD64C3}E:\===[ pc games ] - age of empires ii(full)\empires2.exe" = protocol=17 | dir=in | app=e:\===[ pc games ] - age of empires ii(full)\empires2.exe | "UDP Query User{C379AE53-E30D-43C3-AA7C-B219337A284C}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{E1D969B2-94F9-43D2-B854-37C5DD1DA9DC}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{EAC6649C-DFB6-4166-9463-4B9A94B21480}E:\===[ pc games ] - age of empires ii(full)\empires2.exe" = protocol=17 | dir=in | app=e:\===[ pc games ] - age of empires ii(full)\empires2.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{2511D82C-2688-41C2-ABF8-AF237795989B}" = pdfforge Toolbar v6.2 "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "Google Chrome" = Google Chrome [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3920968175-468477757-287155869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-10 08:30:37 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-10 14:39:50 | Computer Name = Piotrek-PC | Source = EventSystem | ID = 4621 Description = Error - 2012-08-10 17:04:22 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-11 10:42:47 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-11 12:05:37 | Computer Name = Piotrek-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd chrome.exe, wersja 21.0.1180.75, sygnatura czasowa 0x5020a04e, moduł powodujący błąd chrome.dll, wersja 21.0.1180.75, sygnatura czasowa 0x5020a006, kod wyjątku 0x80000003, przesunięcie błędu 0x00532c6f, identyfikator procesu 0x1564, godzina rozpoczęcia aplikacji 0x01cd77d894779d51. Error - 2012-08-13 03:14:46 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-13 03:52:02 | Computer Name = Piotrek-PC | Source = VSS | ID = 8194 Description = Error - 2012-08-13 09:34:22 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-13 12:54:41 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = Error - 2012-08-13 14:11:47 | Computer Name = Piotrek-PC | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 2012-08-13 13:03:02 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10010 Description = Error - 2012-08-13 13:15:32 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10010 Description = Error - 2012-08-13 13:28:18 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10010 Description = Error - 2012-08-13 13:41:21 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10010 Description = Error - 2012-08-13 15:03:53 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10010 Description = Error - 2012-08-13 15:21:18 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10005 Description = Error - 2012-08-13 15:21:28 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10005 Description = Error - 2012-08-13 15:21:35 | Computer Name = Piotrek-PC | Source = DCOM | ID = 10005 Description = Error - 2012-08-13 15:22:05 | Computer Name = Piotrek-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-13 15:22:05 | Computer Name = Piotrek-PC | Source = Service Control Manager | ID = 7026 Description = < End of report >