OTL Extras logfile created on: 2013-09-09 12:55:03 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Właściciel\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1022,92 Mb Total Physical Memory | 137,10 Mb Available Physical Memory | 13,40% Memory free
2,40 Gb Paging File | 1,42 Gb Available in Paging File | 58,92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 16,59 Gb Free Space | 56,65% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 44,73 Gb Free Space | 98,89% Space Free | Partition Type: NTFS
Drive F: | 14,94 Gb Total Space | 13,99 Gb Free Space | 93,66% Space Free | Partition Type: FAT32
 
Computer Name: TTT-2E93A879B61 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1417001333-746137067-1343024091-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe" = C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe:*:Enabled:WsysSvc
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18192D3F-5537-4560-AD89-D695F72AF91D}" = OpenOffice.org 3.4.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2FD94FBC-07AE-475C-B522-BFE899B9048E}" = Garmin WebUpdater
"{310A30F3-4301-3EFD-8756-1768A149410E}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (PLK)
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}" = hppQFolderCM1312
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{82137C51-8DD5-3F4A-9810-2158BFBBE923}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (PLK)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E4EFB3BD-3B1F-4D3C-AC0A-E443AC462729}" = ESET NOD32 Antivirus
"{E7E07F94-D7AA-3041-9B03-F3E18361FBBC}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (PLK)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FF8EC04D-9544-11D9-AAFC-0050BA1ACA6F}" = PagePro1380 MF
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Microsoft.Net.Client.3.5.LangPack.plk" = Pakiet językowy Microsoft .NET Framework Client Profile  — ENU
"Mozilla Firefox 23.0.1 (x86 pl)" = Mozilla Firefox 23.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NDT_is1" = NDT_8.2
"Power Management Driver" = ThinkPad Power Management Driver
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winmail Opener" = Winmail Opener 1.5
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-01-23 06:15:38 | Computer Name = TTT-2E93A879B61 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown 
 
Error - 2013-01-30 06:47:28 | Computer Name = TTT-2E93A879B61 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
 failed to unregister.  HRESULT -2147220472.  Contact your support personnel.
 
Error - 2013-01-30 06:48:14 | Computer Name = TTT-2E93A879B61 | Source = MsiInstaller | ID = 11905
Description = Produkt: hppSendFaxCM1312 -- Błąd 1905. Nie można wyrejestrować modułu
 C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\HppTcComMsg.dll.  HRESULT
 -2147220472.  Skontaktuj się z personelem obsługi technicznej. .
 
Error - 2013-01-30 06:48:14 | Computer Name = TTT-2E93A879B61 | Source = MsiInstaller | ID = 11905
Description = Produkt: hppSendFaxCM1312 -- Błąd 1905. Nie można wyrejestrować modułu
 C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\ltocx11n.ocx.  HRESULT 
-2147220472.  Skontaktuj się z personelem obsługi technicznej. .
 
Error - 2013-02-19 05:19:26 | Computer Name = TTT-2E93A879B61 | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
 aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
 wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
 bieżącego zegara systemowego lub sygnatury czasowej.  
 
Error - 2013-02-19 05:19:26 | Computer Name = TTT-2E93A879B61 | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
 aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
 wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
 bieżącego zegara systemowego lub sygnatury czasowej.  
 
Error - 2013-05-29 05:12:09 | Computer Name = TTT-2E93A879B61 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown 
 
Error - 2013-09-09 02:48:42 | Computer Name = TTT-2E93A879B61 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca mbam-setup-1.75.0.1300.tmp, wersja 51.52.0.0,
 moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
Error - 2013-09-09 05:37:16 | Computer Name = TTT-2E93A879B61 | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
 aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
 wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
 bieżącego zegara systemowego lub sygnatury czasowej.  
 
Error - 2013-09-09 05:38:34 | Computer Name = TTT-2E93A879B61 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd 2mirw7n9.exe, wersja 2.1.19163.0, moduł 
powodujący błąd 2mirw7n9.exe, wersja 2.1.19163.0, adres błędu 0x00012288.
 
[ System Events ]
Error - 2013-09-02 02:13:03 | Computer Name = TTT-2E93A879B61 | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.
 
Error - 2013-09-02 02:21:49 | Computer Name = TTT-2E93A879B61 | Source = Service Control Manager | ID = 7034
Description = Usługa Wsys Service niespodziewanie zakończyła pracę. Wystąpiło to
 razy: 1.
 
Error - 2013-09-02 02:26:25 | Computer Name = TTT-2E93A879B61 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2
 
Error - 2013-09-04 02:19:39 | Computer Name = TTT-2E93A879B61 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2
 
Error - 2013-09-04 02:20:16 | Computer Name = TTT-2E93A879B61 | Source = DCOM | ID = 10010
Description = Serwer {4EB61BAC-A3B6-4760-9581-655041EF4D69} nie zarejestrował się
 w modelu DCOM w wymaganym czasie.
 
Error - 2013-09-06 02:07:22 | Computer Name = TTT-2E93A879B61 | Source = DCOM | ID = 10010
Description = Serwer {4EB61BAC-A3B6-4760-9581-655041EF4D69} nie zarejestrował się
 w modelu DCOM w wymaganym czasie.
 
Error - 2013-09-06 10:01:30 | Computer Name = TTT-2E93A879B61 | Source = Dhcp | ID = 1000
Description = Komputer utracił połączenie dla swojego adresu IP 192.168.1.22 na 
karcie  sieciowej o adresie sieciowym 00054E4BED54.
 
Error - 2013-09-09 05:46:37 | Computer Name = TTT-2E93A879B61 | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
 limitu czasu.
 
Error - 2013-09-09 05:47:21 | Computer Name = TTT-2E93A879B61 | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
 limitu czasu.
 
Error - 2013-09-09 05:49:58 | Computer Name = TTT-2E93A879B61 | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
 limitu czasu.
 
 
< End of report >