OTL Extras logfile created on: 2012-07-11 07:34:25 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\Radziu\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 447,23 Mb Total Physical Memory | 63,53 Mb Available Physical Memory | 14,20% Memory free 1,03 Gb Paging File | 0,65 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 28,10 Gb Free Space | 75,41% Space Free | Partition Type: NTFS Drive D: | 37,27 Gb Total Space | 34,46 Gb Free Space | 92,46% Space Free | Partition Type: NTFS Computer Name: STACJA9 | User Name: Radziu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1177238915-1637723038-839522115-1004\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programy\Gadu-Gadu\gg.exe" = C:\Programy\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (sms-express.com) "D:\ze starego komputera\Programy\Gadu-Gadu\gg.exe" = D:\ze starego komputera\Programy\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny "C:\Programy\totalcm\TOTALCMD.EXE" = C:\Programy\totalcm\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (C. Ghisler & Co.) "D:\Nowy folder\Gadu-Gadu\gg.exe" = D:\Nowy folder\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny "C:\Program Files\Kadu\kadu.exe" = C:\Program Files\Kadu\kadu.exe:*:Enabled:Komunikator Kadu -- (Kadu Team) "C:\Documents and Settings\Radziu\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Documents and Settings\Radziu\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH) "C:\Program Files\GetX\GetX.exe" = C:\Program Files\GetX\GetX.exe:*:Enabled:GetX [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001b4fd-9ea3-4d90-a79e-fd14ba3ab01d}" = PDFCreator "{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp "{0F40754C-F1FD-43df-B73E-9DA38399CDD6}" = hpf_ProductContext "{14A67CE0-4F30-4607-885B-43EE27BAC746}" = Readme "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus "{2ba00471-0328-3743-93bd-fa813353a783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2fc099bd-ac9b-33eb-809c-d332e1b27c40}" = Microsoft .NET Framework 3.5 "{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35E7A746-03D5-4461-9D98-0326B889C81D}" = ESET NOD32 Antivirus "{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite DCP-7055 "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer "{6F206B58-E2F7-4A70-ACAC-8E0ABFBC62F6}" = MySQL Connector/ODBC 5.1 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update "{7ADE9F27-A175-447F-A4B4-B05FA82735E1}" = HP Deskjet 6900 series (plk) "{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87F59A07-55EE-415E-A966-31F3D8B6B7AD}" = LP6940_Help "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DC6CA16-9B4E-4C10-95EE-2BD91EB0290C}" = LP6940Trb "{8E8365D0-C7AE-3CA2-9BCC-7A6644428166}" = e-Deklaracje Desktop "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{91130415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime "{975C8028-51D8-44A9-9585-82E9810FE96A}" = hp LaserJet 1000 "{9C209B30-F71F-4c53-8D26-453208EC8E91}" = dj6940 "{a05be20e-6510-44bc-95ed-6e6d730407d3}" = Vplayer "{A0B139A7-E8D5-49E8-A7BF-12421E652208}" = pdfforge Toolbar v4.3 "{AAA11090-6E99-4655-AAF5-57EB5F677D0C}" = MarketResearch "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{b508b3f1-a24a-32c0-b310-85786919ef28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{b966a6eb-daa0-428a-9ece-bf5ddec6d2d2}" = Kadu 0.6.5.3 "{CB1F3886-AE9F-46fb-8325-6B0718989285}" = dj_taplugin "{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}" = HP Photosmart Essential "{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}" = Nuance PaperPort 12 "{DA819210-2586-4686-B84D-92EAA69CEAD8}" = PCPR 2.3.0 "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg "{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) "7-Zip" = 7-Zip 9.20 "ac3filter" = AC3Filter (remove only) "Adobe AIR" = Adobe AIR "adobe flash player activex" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Digital Editions" = Adobe Digital Editions "Easy Gif Animator Extension" = Easy Gif Animator Extension "Easy GIF Animator_is1" = Easy GIF Animator 5.1 "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "ffdshow" = ffdshow (remove only) "free ps convert driver_is1" = Free PS Convert driver 8.15 "hd tune_is1" = HD Tune 2.55 "hijackthis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 6.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0 "HPExtendedCapabilities" = HP Extended Capabilities 6.0 "ie8" = Windows Internet Explorer 8 "IMM4 Codec_is1" = IMM4 VCM Codec 1.0.0.10 "IrfanView" = IrfanView (remove only) "malwarebytes' anti-malware_is1" = Malwarebytes' Anti-Malware "microsoft .net framework 3.5" = Microsoft .NET Framework 3.5 "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "Mozilla Firefox 4.0b11 (x86 pl)" = Mozilla Firefox 4.0b11 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "PITy 2009_is1" = PITy 2009 dla Windows kompilacja:1.1.2.14 "PITy 2010_is1" = PITy 2010 dla Windows kompilacja:1.2.6.12 "PITy 2011_is1" = PITy 2011 dla Windows kompilacja:1.3.3.2 "Totalcmd" = Total Commander (Remove or Repair) "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.44-5 "winisd beta" = WinISD beta "WinRAR archiver" = Archiwizator WinRAR "xpsepsc" = XML Paper Specification Shared Components Pack 1.0 "xviddec" = Nic's XviD Decoder 230203 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-09 01:45:31 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:31 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:32 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:32 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:32 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:34 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:36 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:37 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:38 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. Error - 2012-07-09 01:45:38 | Computer Name = STACJA9 | Source = MsiInstaller | ID = 11321 Description = Product: HiJackThis -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe. [ System Events ] Error - 2012-07-11 01:08:56 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-07-11 01:09:00 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-07-11 01:09:03 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-07-11 01:09:10 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 2012-07-11 01:09:10 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-07-11 01:10:00 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-07-11 01:11:36 | Computer Name = STACJA9 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-07-11 01:12:39 | Computer Name = STACJA9 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Aktualizacje automatyczne z powodu następującego błędu: %%2 Error - 2012-07-11 01:37:10 | Computer Name = STACJA9 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort2 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2012-07-11 01:39:40 | Computer Name = STACJA9 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort2 nie odpowiedziało w ramach ustalonego limitu czasu. < End of report >