OTL Extras logfile created on: 2012-07-09 21:30:32 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Janina Kruk\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1021,81 Mb Total Physical Memory | 677,05 Mb Available Physical Memory | 66,26% Memory free 2,24 Gb Paging File | 2,02 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 41,75 Gb Total Space | 6,81 Gb Free Space | 16,32% Space Free | Partition Type: NTFS Drive D: | 100,36 Gb Total Space | 78,77 Gb Free Space | 78,49% Space Free | Partition Type: NTFS Drive E: | 6,94 Gb Total Space | 2,40 Gb Free Space | 34,64% Space Free | Partition Type: NTFS Drive F: | 32,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JANINAKRUK-PC | User Name: Janina Kruk | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-917778092-478145982-1272054800-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3DEDF379-7257-4E0C-86D4-BCA5623FF28C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{48EFD4DB-0B23-448F-95C1-81E122CEB84B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{4BE3A3CC-7425-4534-8F04-209D2EFC5636}" = lport=2869 | protocol=6 | dir=in | app=system | "{899935F2-0EA8-4A41-82FA-9647C47E86B1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{9B488F1B-42D1-47B9-A449-61872A5D265E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{B7496C47-6BC5-48E3-B7E2-8CF73FEB5ACB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F386E71A-8346-449A-9D36-1D3E91BE4929}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{103FDC0B-621C-4BA3-A0AA-2F0BC353CFB9}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{3C4B5587-9ADC-4544-8FAE-4A512BBE0C1B}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{47A55AFE-E7BE-42E9-8EF5-B846732CD26D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | "{5E319BDF-D999-4963-9C76-177AD78867FE}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{7CA0267D-288A-432E-BCB6-6014A8AF274A}" = protocol=6 | dir=out | app=system | "{9657373F-5750-4D94-9AA5-BD187D80838B}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{F14745E5-A159-4DA0-8383-79C30ADB79EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{91130415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{911A0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A64936C6-7A8E-4C76-87AD-A61AFBCF7921}" = GlobeTrotter Connect "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7646-000000000001}" = Adobe Reader 6.0 "{BBB39A52-9740-46E6-BD5F-E23EC3A695A4}" = Quick GPS Connection Data Download Manager "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E00354-A8C2-40D6-8ED8-26B3A4B1AF85}" = iPAQ GSM-GPRS Settings "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{ORAHSS}.UninstallSuite" = Livebox "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Google Chrome" = Google Chrome "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NSS" = Norton Security Scan "NVIDIA Drivers" = NVIDIA Drivers "SMSERIAL" = Motorola SM56 Data Fax Modem "SubEdit - Vista WMP Patch_is1" = SubEdit - Vista WMP Patch "SubEdit-Player_is1" = SubEdit-Player "WinGimp-2.0_is1" = GIMP 2.4.4 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-01 14:24:24 | Computer Name = JaninaKruk-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd connectivitymanager.exe, wersja 1.1.78.739, sygnatura czasowa 0x484d79a6, moduł powodujący błąd HandlerAuth.dll, wersja 1.1.78.739, sygnatura czasowa 0x484d79d1, kod wyjątku 0xc0000005, przesunięcie błędu 0x000039b3, identyfikator procesu 0x998, godzina rozpoczęcia aplikacji 0x01cd57b485c82cf0. Error - 2012-07-05 05:42:39 | Computer Name = JaninaKruk-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd connectivitymanager.exe, wersja 1.1.78.739, sygnatura czasowa 0x484d79a6, moduł powodujący błąd HandlerAuth.dll, wersja 1.1.78.739, sygnatura czasowa 0x484d79d1, kod wyjątku 0xc0000005, przesunięcie błędu 0x000039b3, identyfikator procesu 0xa04, godzina rozpoczęcia aplikacji 0x01cd5a65e7014a79. Error - 2012-07-08 07:43:08 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-08 15:53:22 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-08 16:07:56 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-08 17:27:40 | Computer Name = JaninaKruk-PC | Source = System Restore | ID = 8193 Description = Error - 2012-07-08 17:34:54 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-08 17:37:29 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-08 17:38:51 | Computer Name = JaninaKruk-PC | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2012-07-09 15:12:25 | Computer Name = JaninaKruk-PC | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 2012-07-08 16:27:19 | Computer Name = JaninaKruk-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-08 17:40:46 | Computer Name = JaninaKruk-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-07-09 15:09:35 | Computer Name = JaninaKruk-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 23:41:26 na 2012-07-08 było nieoczekiwane. Error - 2012-07-09 15:11:38 | Computer Name = JaninaKruk-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:09:35 na 2012-07-09 było nieoczekiwane. Error - 2012-07-09 15:12:18 | Computer Name = JaninaKruk-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 15:12:25 | Computer Name = JaninaKruk-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 15:12:26 | Computer Name = JaninaKruk-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 15:12:28 | Computer Name = JaninaKruk-PC | Source = DCOM | ID = 10005 Description = Error - 2012-07-09 15:13:08 | Computer Name = JaninaKruk-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-07-09 15:13:08 | Computer Name = JaninaKruk-PC | Source = Service Control Manager | ID = 7026 Description = < End of report >