OTL Extras logfile created on: 2011-08-23 19:15:05 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Olenka\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,99 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 76,07% Memory free 2,34 Gb Paging File | 2,03 Gb Available in Paging File | 86,45% Paging File free Paging file location(s): C:\pagefile.sys 512 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69,94 Gb Total Space | 56,60 Gb Free Space | 80,93% Space Free | Partition Type: NTFS Drive D: | 152,93 Gb Total Space | 122,26 Gb Free Space | 79,95% Space Free | Partition Type: NTFS Drive E: | 1,89 Gb Total Space | 0,73 Gb Free Space | 38,72% Space Free | Partition Type: FAT Drive H: | 968,38 Mb Total Space | 349,84 Mb Free Space | 36,13% Space Free | Partition Type: FAT Computer Name: BABOCZEK | User Name: Olenka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1659004503-1604221776-1417001333-1004\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Przeglądaj w XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 1 "DisableThumbnailCache" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "C:\Program Files\SPSSInc\Statistics17\statistics.exe" = C:\Program Files\SPSSInc\Statistics17\statistics.exe:*:Disabled:Statistics17:exe "C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe" = C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor "C:\Program Files\SPSSInc\Statistics17\statistics.com" = C:\Program Files\SPSSInc\Statistics17\statistics.com:*:Disabled:Statistics17:com "C:\Documents and Settings\Olenka\Pulpit\Flash-Player.exe" = C:\Documents and Settings\Olenka\Pulpit\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Olenka\Pulpit\Flash-Player.exe "C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack "{5081528F-5DD5-49BA-8213-9A6A13502497}" = Sentinel System Driver 5.41.1 (32-bit) "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = PLAY ONLINE "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "CCleaner" = CCleaner "ENTERPRISE" = Microsoft Office Enterprise 2007 "Foxit Reader" = Foxit Reader "ie8" = Windows Internet Explorer 8 "LPCO" = Intel(R) Graphics Media Accelerator 500 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "PLAY ONLINE" = PLAY ONLINE "RealJukebox 1.0" = RealJukebox "RealPlayer 6.0" = RealPlayer Basic "SynTPDeinstKey" = Synaptics Pointing Device Driver "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "XnView_is1" = XnView 1.97.6 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1659004503-1604221776-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-08-13 12:52:33 | Computer Name = BABOCZEK | Source = ESENT | ID = 485 Description = wuauclt (3748) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja usuwania pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error - 2011-08-14 05:25:19 | Computer Name = BABOCZEK | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2011-08-14 06:42:07 | Computer Name = BABOCZEK | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2011-08-14 12:09:38 | Computer Name = BABOCZEK | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2011-08-14 12:26:10 | Computer Name = BABOCZEK | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2011-08-14 14:47:20 | Computer Name = BABOCZEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0365b370. Error - 2011-08-16 05:41:01 | Computer Name = BABOCZEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x02305860. Error - 2011-08-17 10:02:17 | Computer Name = BABOCZEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca xnview.exe, wersja 1.97.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-08-19 04:15:08 | Computer Name = BABOCZEK | Source = MPSampleSubmission | ID = 5000 Description = EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 1.1.7604.0, P3 1.111.159.0, P4 1.111.159.0, P5 2000dab300b5bc92_b64590f41793a4e89a938aae9e440647a8009794, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL. Error - 2011-08-22 08:43:44 | Computer Name = BABOCZEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OIS.EXE, wersja 12.0.6413.1000, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ OSession Events ] Error - 2010-08-07 17:37:45 | Computer Name = BABOCZEK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6052 seconds with 2880 seconds of active time. This session ended with a crash. Error - 2011-03-25 06:25:15 | Computer Name = BABOCZEK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 552 seconds with 480 seconds of active time. This session ended with a crash. [ System Events ] Error - 2011-08-22 09:54:01 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-22 14:07:56 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-22 16:48:58 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-22 16:53:50 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-22 16:55:24 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-23 12:49:49 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-23 13:08:37 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7034 Description = Usługa srviecheck niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-08-23 13:08:37 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7034 Description = Usługa srvbtcclient niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-08-23 13:10:38 | Computer Name = BABOCZEK | Source = Service Control Manager | ID = 7023 Description = Usługa Microsoft Antimalware Service zakończyła działanie; wystąpił następujący błąd: %%2147942402 Error - 2011-08-23 13:10:38 | Computer Name = BABOCZEK | Source = sr | ID = 1 Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001' podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało zatrzymane monitorowanie woluminu. < End of report >