OTL Extras logfile created on: 2012-07-19 17:09:38 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\user\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,99% Memory free 6,19 Gb Paging File | 5,74 Gb Available in Paging File | 92,69% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 63,48 Gb Total Space | 20,90 Gb Free Space | 32,93% Space Free | Partition Type: NTFS Drive D: | 234,61 Gb Total Space | 207,02 Gb Free Space | 88,24% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: user | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-262707708-3403537287-2414498979-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-262707708-3403537287-2414498979-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{117DF566-8016-4464-BD3C-A6799FE3DC2C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3BEFF3B0-78F5-49A4-B7EE-D4653757E850}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{725D27F2-A8EF-4BBB-BB02-81AD831DB0D7}" = rport=10243 | protocol=6 | dir=out | app=system | "{7F00565E-F949-4CE9-874E-A1540E6A9834}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AE210609-7AFE-49F6-8D49-49B1F8CC7F9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B73D22BB-2372-41CB-BAE6-E3380472DE9C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E15AE066-0383-4569-BCEE-C2E7A53DD8B8}" = lport=10243 | protocol=6 | dir=in | app=system | "{EDADA9EE-E410-46AE-9328-A0C062C71D58}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F3EA4610-B10B-48AC-AA04-10ACABB01898}" = lport=2869 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{084FB42F-7AEB-4ADD-A7B0-B2FC1D1B9065}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{09F71EEE-1465-43BD-BED1-1FFB25FF3969}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe | "{168C1599-C972-4455-BAE2-CAED76A25331}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1FAAA822-92AC-488B-AE0A-C82B93DB8F13}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2D994657-C37E-4CDC-8CEC-F482A4787BA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2F51D019-CB83-4CA6-94B1-E8ACBAAC8449}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{402C51A8-C482-42D2-A2DD-9679913C4694}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4FBBB251-8D5D-4158-AE9F-18559C17B71E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{57772E71-A87D-40AD-BEAB-858EAB13C729}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe | "{675388BB-C258-452E-8C98-3F276B560596}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{69FF5437-6AA4-42B3-8A42-304E8A0F39E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6C16DCE4-036A-4D0C-8A44-D8A98FB60CE9}" = dir=in | app=c:\program files\itunes\itunes.exe | "{6E065AD9-0A18-4630-9666-4239B32BF6E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{72500B4A-DE85-4F5F-A357-E0892414CE9B}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe | "{72F0CB66-E655-4ED4-9490-DACA0DF72EDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{897189A7-AD24-455E-9432-50DB03AF23F8}" = dir=in | app=d:\rosetta\support\bin\win\rosettastoneltdservices.exe | "{8DA7BFE3-423D-4164-B885-399D2A19530B}" = protocol=6 | dir=out | app=system | "{8E24193E-2010-4542-B5BC-65F7DE33139D}" = dir=in | app=d:\rosetta\rosettastoneversion3.exe | "{9CEB1F07-6833-471C-BF69-5D7EA7187216}" = protocol=6 | dir=out | app=d:\rosetta\rosettastoneversion3.exe | "{A504CC59-77A5-4419-8E19-D93FAE57FA2A}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe | "{A58380AB-E53F-49B5-B65A-F175CB5212D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BD8A05BB-2F29-4379-AAF4-06772B242C50}" = protocol=6 | dir=out | app=d:\rosetta\support\bin\win\rosettastoneltdservices.exe | "{C996C0E1-D770-4AFE-BBAF-35695FEF910A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D3512486-42B8-419F-BA0A-EE134A2C3038}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "TCP Query User{9B0039F7-661F-412B-8079-E0B816C428FB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{608BFC34-EE8F-4352-8411-DBA6E3D558B5}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3 "{0446A460-E8E8-4387-9D1F-4BE9C9824F7B}" = Microsoft Antimalware Service PL-PL Language Pack "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{33B18075-C7DF-4839-8517-C6E9338D84F2}" = HP 3D DriveGuard "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje "{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client PL-PL Language Pack "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}" = pdfforge Toolbar v6.0 "{975C3A93-2491-3D44-A071-F6CBF153E46D}" = Google Talk Plugin "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 266.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 266.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.1.13.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DAE4E3BE-78F3-FB72-9DD3-EF690FC96D01}" = e-Deklaracje Desktop "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software "7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Pakiet sterowników systemu Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "DPP" = Canon Utilities Digital Photo Professional 3.9 "DVD Decrypter" = DVD Decrypter (Remove Only) "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "EOS Utility" = Canon Utilities EOS Utility "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.9.0 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Original Data Security Tools" = Canon Utilities Original Data Security Tools "PhotoStitch" = Canon Utilities PhotoStitch "Picasa 3" = Picasa 3 "Picture Style Editor" = Canon Utilities Picture Style Editor "SynTPDeinstKey" = Synaptics Pointing Device Driver "WFTK" = Canon Utilities WFT Utility "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-19 10:20:21 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-19 10:24:06 | Computer Name = user-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-07-19 10:25:24 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = Perflib | ID = 1008 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = Perflib | ID = 1010 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = PerfNet | ID = 2004 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = Perflib | ID = 1008 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = Perflib | ID = 1010 Description = Error - 2012-07-19 10:44:30 | Computer Name = user-PC | Source = Perflib | ID = 1008 Description = Error - 2012-07-19 10:46:33 | Computer Name = user-PC | Source = PerfNet | ID = 2004 Description = [ System Events ] Error - 2011-11-08 13:56:10 | Computer Name = user-PC | Source = Service Control Manager | ID = 7011 Description = Error - 2011-11-08 17:16:03 | Computer Name = user-PC | Source = Server | ID = 2505 Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetbiosSmb, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error - 2011-11-15 13:14:57 | Computer Name = user-PC | Source = HTTP | ID = 15016 Description = Error - 2011-11-15 13:15:30 | Computer Name = user-PC | Source = Microsoft Antimalware | ID = 3002 Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%835 Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: %%842 Error - 2011-12-11 07:41:42 | Computer Name = user-PC | Source = HTTP | ID = 15016 Description = Error - 2011-12-13 13:03:24 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 18:01:35 na 2011-12-13 było nieoczekiwane. Error - 2011-12-13 13:03:31 | Computer Name = user-PC | Source = HTTP | ID = 15016 Description = Error - 2011-12-23 11:55:53 | Computer Name = user-PC | Source = Tcpip | ID = 4199 Description = System wykrył konflikt adresów między adresem IP 192.168.0.100 a komputerem o sieciowym adresie sprzętowym 00-22-FA-9D-EF-44. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error - 2011-12-23 14:40:06 | Computer Name = user-PC | Source = PlugPlayManager | ID = 12 Description = Urządzenie 'Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)' (PCI\VEN_10EC&DEV_8168&SUBSYS_3603103C&REV_02\4&cd8ace4&0&00E1) zniknęło z systemu bez uprzedniego przygotowania go do usunięcia. Error - 2011-12-23 17:34:45 | Computer Name = user-PC | Source = RTL8169 | ID = 5008 Description = \DEVICE\{D2552622-6F00-44D7-BAD7-B9693CF8C1FD}: wykryto nieprawidłowy adres sieciowy. < End of report >