OTL Extras logfile created on: 2014-12-13 11:10:39 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\BOREK\Moje dokumenty\Pobrane Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 893,97 Mb Total Physical Memory | 340,96 Mb Available Physical Memory | 38,14% Memory free 2,12 Gb Paging File | 1,66 Gb Available in Paging File | 78,38% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 147,58 Gb Total Space | 25,67 Gb Free Space | 17,39% Space Free | Partition Type: NTFS Computer Name: BOREK-1 | User Name: BOREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation) "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR "{0DCCE3F4-E888-40E8-8AE5-CF8058F25631}" = DVC5.1 Driver "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 51 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver "{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{7B76034B-B3ED-46D5-8C66-DEB102CB830A}" = ATI Catalyst Control Center "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{913E2B02-1BA9-4B38-991B-31C717F9D00C}" = e-Deklaracje Desktop "{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Wyciszacz napędu CD/DVD "{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.11) - Polish "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "Agere Systems Soft Modem" = TOSHIBA Software Modem "All ATI Software" = ATI - Software Uninstall Utility "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "ATI Display Driver" = ATI Display Driver "avast" = Avast Free Antivirus "CCleaner" = CCleaner "Defraggler" = Defraggler "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "eMule" = eMule "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu" = Gadu-Gadu 7.7 "HijackThis" = HijackThis 2.0.2 "HP Photo & Imaging" = HP Image Zone 4.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 34.0 (x86 pl)" = Mozilla Firefox 34.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nero - Burning Rom!UninstallKey" = Nero OEM "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "RealAlt_is1" = Real Alternative 1.8.0 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "War2Combat_is1" = War2Combat 3.05 "Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-1343024091-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2008-04-08 01:56:57 | Computer Name = BOREK-1 | Source = avast! | ID = 33554522 Description = Error - 2008-12-27 06:43:04 | Computer Name = BOREK-1 | Source = avast! | ID = 33554522 Description = Error - 2009-11-07 13:19:56 | Computer Name = BOREK-1 | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 2014-05-25 05:10:12 | Computer Name = BOREK-1 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WINWORD.EXE, wersja 11.0.8169.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2014-05-27 05:39:18 | Computer Name = BOREK-1 | Source = Microsoft Office 11 | ID = 2001 Description = Rejected Safe Mode action : Microsoft Office Word. Error - 2014-05-28 13:00:37 | Computer Name = BOREK-1 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca msimn.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2014-09-28 08:45:40 | Computer Name = BOREK-1 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 32.0.2.5373, moduł powodujący błąd mozalloc.dll, wersja 32.0.2.5373, adres błędu 0x0000141b. Error - 2014-10-19 02:35:01 | Computer Name = BOREK-1 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Nieprawidłowe dane. Error - 2014-11-22 04:57:23 | Computer Name = BOREK-1 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 33.1.1.5430, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2014-11-22 04:57:32 | Computer Name = BOREK-1 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 33.1.1.5430, moduł powodujący błąd mozalloc.dll, wersja 33.1.1.5430, adres błędu 0x00001425. Error - 2014-11-23 09:37:44 | Computer Name = BOREK-1 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca subedit.exe, wersja 1.0.0.4060, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2014-12-12 06:06:14 | Computer Name = BOREK-1 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2014-12-12 06:06:14 | Computer Name = BOREK-1 | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. [ System Events ] Error - 2014-12-12 09:34:53 | Computer Name = BOREK-1 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2014-12-12 09:37:49 | Computer Name = BOREK-1 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2014-12-12 09:38:03 | Computer Name = BOREK-1 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2014-12-12 09:38:25 | Computer Name = BOREK-1 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2014-12-12 09:38:35 | Computer Name = BOREK-1 | Source = atapi | ID = 262153 Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego limitu czasu. Error - 2014-12-13 02:46:20 | Computer Name = BOREK-1 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2014-12-13 02:46:29 | Computer Name = BOREK-1 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AmdK8 aswRvrt aswSnx aswSP aswTdi aswVmm Fips Error - 2014-12-13 02:49:18 | Computer Name = BOREK-1 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2014-12-13 02:53:40 | Computer Name = BOREK-1 | Source = ipnathlp | ID = 32003 Description = Translator adresów sieciowych (NAT) nie może zażądać wykonania operacji przez moduł tłumaczący, pracujący w trybie jądra. Może to wskazywać na błąd konfiguracji, niewystarczające zasoby lub na błąd wewnętrzny. Dane zawierają kod błędu. Error - 2014-12-13 03:09:18 | Computer Name = BOREK-1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Image Acquisition (WIA) z powodu następującego błędu: %%1083 < End of report >