OTL Extras logfile created on: 2010-11-24 13:36:29 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\OTL Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 165,00 Mb Available Physical Memory | 32,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,41 Gb Total Space | 3,50 Gb Free Space | 14,36% Space Free | Partition Type: NTFS Drive D: | 50,11 Gb Total Space | 47,60 Gb Free Space | 94,99% Space Free | Partition Type: NTFS Computer Name: XXX | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.) "C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22 "{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2 "{5E06C076-E4E7-4239-A886-B3D8AC84C166}" = HP Print Diagnostic Utility "{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One Sterowniki "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Nawigator obrazów i fotografii HP 2.0 - All-in-One "{A05BE20E-6510-44BC-95ED-6E6D730407D3}" = Vplayer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series "{CD46DC63-8F35-401A-864E-E70131DBBD24}" = Stajnia Marzeń - Wiosenna przygoda "{DC17B2BE-BA6F-4696-8E5D-ED2A62981CDA}" = VP-EYE "{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}" = Need for Speed™ Most Wanted PC Demo "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Fabryka stworów, wersja próbna "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "2+2 v.2.1a" = 2+2 v.2.1a "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akademia jazdy konnej_is1" = Akademia jazdy konnej "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "Barbie(TM) - Salon Piękności" = Barbie(TM) - Salon Piękności "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! "Gadu-Gadu" = Gadu-Gadu 7.7 "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Horsez_is1" = Horsez "HP PSC 1200 Series" = Nawigator obrazów i fotografii HP 2.0 - hp psc 1200 series "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Klawiatura_is1" = Klawiatura "Mozilla Firefox (3.5.14)" = Mozilla Firefox (3.5.14) "My Global Search Uninstall" = My Global Search Bar "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSS" = Norton Security Scan "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "RealPlayer 6.0" = RealPlayer "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Szkoła podstawowa klasa 6 – Przyroda" = Szkoła podstawowa klasa 6 – Przyroda "Świat Kucyków_is1" = Świat Kucyków 1.0 "Totalcmd" = Total Commander (Remove or Repair) "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar for Internet Explorer "Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver "WMV9_VCM" = Microsoft Windows Media Video 9 VCM [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1482476501-1645522239-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-10-01 07:34:44 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-01 13:42:14 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-01 13:42:23 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-01 13:44:04 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-01 13:44:27 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-01 13:44:39 | Computer Name = XXX | Source = Avira AntiVir | ID = 4118 Description = Error - 2010-10-04 05:42:40 | Computer Name = XXX | Source = Ci | ID = 4124 Description = Indeks zawartości na d:\system volume information\catalog.wci jest uszkodzony. Zamknij i ponownie uruchom Usługę indeksowania (cisvc). Error - 2010-10-04 05:42:40 | Computer Name = XXX | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na d:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-10-16 07:39:57 | Computer Name = XXX | Source = Ci | ID = 4124 Description = Indeks zawartości na d:\system volume information\catalog.wci jest uszkodzony. Zamknij i ponownie uruchom Usługę indeksowania (cisvc). Error - 2010-10-16 07:39:57 | Computer Name = XXX | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na d:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. [ OSession Events ] Error - 2010-04-20 10:34:54 | Computer Name = XXX | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3307 seconds with 1860 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010-10-14 08:30:43 | Computer Name = XXX | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2010-10-21 07:43:56 | Computer Name = XXX | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2010-10-21 07:44:07 | Computer Name = XXX | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2010-10-21 07:44:07 | Computer Name = XXX | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort1 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2010-10-21 07:44:28 | Computer Name = XXX | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort1 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2010-10-22 04:06:03 | Computer Name = XXX | Source = DCOM | ID = 10000 Description = Nie można uruchomić serwera DCOM: {80EE4901-33A8-11D1-A213-0080C88593A5}. Błąd: „%1450” wystąpił podczas uruchamiania tego polecenia: DfrgNtfs.exe -Embedding Error - 2010-10-22 04:56:01 | Computer Name = XXX | Source = DCOM | ID = 10000 Description = Nie można uruchomić serwera DCOM: {80EE4901-33A8-11D1-A213-0080C88593A5}. Błąd: „%1450” wystąpił podczas uruchamiania tego polecenia: DfrgNtfs.exe -Embedding Error - 2010-10-23 11:35:54 | Computer Name = XXX | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi NVSvc. Error - 2010-10-24 04:33:09 | Computer Name = XXX | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi NVSvc. Error - 2010-10-25 03:56:23 | Computer Name = XXX | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi NVSvc. < End of report >