OTL Extras logfile created on: 2013-07-27 12:17:49 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wadysaw\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,49 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 54,42% Memory free 7,17 Gb Paging File | 5,57 Gb Available in Paging File | 77,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 136,44 Gb Total Space | 68,08 Gb Free Space | 49,89% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 4,99 Gb Free Space | 49,92% Space Free | Partition Type: NTFS Computer Name: WADYSAW-PC | User Name: Wadysaw | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-73736342-2443057462-394513067-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0912735E-B9EE-4B52-9A04-E7D5612BCDAB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0D83BCAE-884B-4F7E-A3E2-3F6305B6C808}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{19B12F68-566D-41F9-A2A5-465236C10BEA}" = rport=137 | protocol=17 | dir=out | app=system | "{2BC91688-21F2-43D8-B2B5-F3F12DA183C4}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 | "{31334C29-6C01-4270-AEF5-4D95AD7D8AE9}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 | "{38AA685C-FE19-4B1F-A234-9B31A6FCE0B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{44746FA0-29DC-480B-9E92-A462C93B8DE5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5B922E4F-DCCB-42B9-AECE-8F4F4421364C}" = lport=138 | protocol=17 | dir=in | app=system | "{6D861AA6-6E3E-4BB1-8CB7-832FC5F62C64}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{708DD3A5-22EC-4E17-9E8C-765D4D55E4EE}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 | "{750F798B-FE75-4F28-A420-B3AE6834A433}" = lport=139 | protocol=6 | dir=in | app=system | "{7AA31BA5-6E89-4FE8-9EF2-B7D6770482A9}" = rport=138 | protocol=17 | dir=out | app=system | "{9DD00D0B-E6A0-4751-974C-F3E8D3E5F1E5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A3A342B7-A42C-4FBA-B63A-4C3FD8475C92}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 | "{A60B8CD3-805E-4DD3-8531-495877E2026E}" = lport=445 | protocol=6 | dir=in | app=system | "{B64EF912-7005-4FE8-8A93-70C2C7F1F6A6}" = lport=137 | protocol=17 | dir=in | app=system | "{BB2644D6-6800-4492-B3D8-BC6279F851E0}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 | "{E000C65F-5CDE-4E83-A4CD-F70D2F32F442}" = rport=139 | protocol=6 | dir=out | app=system | "{E41B38D0-FE74-4146-9C85-48DDC9119A21}" = rport=445 | protocol=6 | dir=out | app=system | "{F6913336-3629-43F7-BBB7-5C114ECC2DAC}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0916CBFE-66FE-4A27-B74E-B36FAB7841DB}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | "{1418008D-10B8-47E2-AE38-B0F2E73B7258}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{20B7281E-8B33-4B4E-8607-5BC034B3846C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{334B7A4A-D364-44D7-87AF-932B666C34AC}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{3F385B9D-1761-47F9-B09F-3AE6B67C0522}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4D280A43-C961-4207-BCC7-2745102533A4}" = dir=in | app=c:\program files\itunes\itunes.exe | "{89704C12-FA8A-4A37-AD0E-489184E2F87C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{9CB98B8B-F395-4758-94F6-9A59CB279C0B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{9DF217F1-8119-46DD-931A-28ED28CA8B1A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{A672678E-736C-40F4-9D0C-ADE0DE0016C9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A80372E7-DC0E-4E42-886A-D61037CE2C91}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C5065400-3E8F-467E-8343-A1E8406BD73C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C9CC04A0-D91D-47EF-98DF-9566585A332A}" = dir=in | app=c:\users\wadysaw\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{EA543998-7686-432C-BEB2-FED3D799E356}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F915CA98-A6B0-484A-A613-4003176C6CC2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{FAEB30B6-EA1F-419F-A0C6-A4AD801C41A8}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | "{FD76F8A4-4FD3-45B3-8C81-45F792038C6C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple "{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Polish "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 20.0.1 (x86 pl)" = Mozilla Firefox 20.0.1 (x86 pl) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-07-26 11:49:33 | Computer Name = Wadysaw-PC | Source = MsiInstaller | ID = 1023 Description = Error - 2013-07-27 03:12:46 | Computer Name = Wadysaw-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-07-27 03:34:38 | Computer Name = Wadysaw-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2013-07-27 03:34:41 | Computer Name = Wadysaw-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2013-07-27 03:47:27 | Computer Name = Wadysaw-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 22.0.0.4917, sygnatura czasowa 0x51c06b1b, moduł powodujący błąd xul.dll, wersja 22.0.0.4917, sygnatura czasowa 0x51c06a5b, kod wyjątku 0xc0000005, przesunięcie błędu 0x00173668, identyfikator procesu 0x1350, godzina rozpoczęcia aplikacji 0x01ce8a9d73c709d6. Error - 2013-07-27 03:47:59 | Computer Name = Wadysaw-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-07-27 03:47:59 | Computer Name = Wadysaw-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-07-27 03:48:00 | Computer Name = Wadysaw-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-07-27 04:19:51 | Computer Name = Wadysaw-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 22.0.0.4917, sygnatura czasowa 0x51c06b1b, moduł powodujący błąd xul.dll, wersja 22.0.0.4917, sygnatura czasowa 0x51c06a5b, kod wyjątku 0xc0000005, przesunięcie błędu 0x00173668, identyfikator procesu 0x3e4, godzina rozpoczęcia aplikacji 0x01ce8aa1e95ad7e6. Error - 2013-07-27 04:21:38 | Computer Name = Wadysaw-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd ProtectedSearch.exe, wersja 1.0.0.0, sygnatura czasowa 0x50d2c445, moduł powodujący błąd KERNEL32.dll, wersja 6.0.6002.18704, sygnatura czasowa 0x5065ccb6, kod wyjątku 0xe053534f, przesunięcie błędu 0x0003fc16, identyfikator procesu 0xHźH HźH , godzina rozpoczęcia aplikacji 0xHźH HźH . [ Broadcom Wireless LAN Events ] Error - 2013-07-02 16:23:20 | Computer Name = Wadysaw-PC | Source = WLAN-Tray | ID = 0 Description = 22:23:20, Tue, Jul 02, 13 Error - User "" does not have administrative privileges on this system [ System Events ] Error - 2009-06-06 02:48:08 | Computer Name = Wadysaw-PC | Source = HTTP | ID = 15016 Description = Error - 2009-06-06 02:48:23 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2009-06-06 02:48:23 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2009-06-06 02:48:23 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2009-06-07 04:06:45 | Computer Name = Wadysaw-PC | Source = HTTP | ID = 15016 Description = Error - 2009-06-07 04:07:10 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2009-06-07 04:07:10 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2009-06-07 04:07:10 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2009-06-07 04:12:57 | Computer Name = Wadysaw-PC | Source = HTTP | ID = 15016 Description = Error - 2009-06-07 04:13:16 | Computer Name = Wadysaw-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >