OTL Extras logfile created on: 2012-02-27 21:35:55 - Run 4 OTL by OldTimer - Version 3.2.33.2 Folder = C:\P LOGI Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,98 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 77,25% Memory free 3,82 Gb Paging File | 3,48 Gb Available in Paging File | 90,97% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 59,06 Gb Total Space | 38,67 Gb Free Space | 65,48% Space Free | Partition Type: NTFS Drive D: | 76,16 Gb Total Space | 44,87 Gb Free Space | 58,92% Space Free | Partition Type: NTFS Drive E: | 78,12 Gb Total Space | 77,87 Gb Free Space | 99,67% Space Free | Partition Type: NTFS Computer Name: GABRYSIA | User Name: Pc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l .reg [@ = regfile] -- regedit.exe "%1" [HKEY_USERS\S-1-5-21-1645522239-2052111302-839522115-1004\SOFTWARE\Classes\] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .scr [@ = scrfile] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\klient\klient.exe" = C:\Program Files\klient\klient.exe:*:Enabled:Klient systemu ODGiK-net -- (Usługi Informatyczne dla Geodetów - dr inż Jacek Derwisz) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\HPWSTBX.exe" = C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\HPWSTBX.exe:*:Enabled:Toolbox for HP Printing System for Windows -- (Hewlett-Packard Company) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001 "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}" = Microsoft Works "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack "{5265664F-6128-405C-9225-9782A85954FD}" = Plustek USB Scanner "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5783F2D7-0201-0415-0002-0060B0CE6BBA}" = AutoCAD 2004 "{5783F2D7-0211-0409-0000-0060B0CE6BBA}" = AutoCAD Express Tools Volumes 1-9 "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{670A2206-F20A-490C-8C13-25EA88BF8E53}_is1" = e-pity 2010 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{AC76BA86-7AD7-1045-7B44-A70500000002}" = Adobe Reader 7.0.5 - Polish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BDC81E50-44D3-4FD0-BE95-772DDA1A1C7C}" = OpenOffice.ux.pl 2.3.1 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 "{EE074561-3C0A-4B6A-B4A5-09CD69E1DDF0}" = HP Deskjet 1280 "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0FC1E09-AF67-47BC-9E61-90ECFEB4CE82}" = OLYMPUS Master 2 "0AAD16715A341564716CE9901E2911A02B1EB808" = Pakiet sterowników systemu Windows - AnyDATA Corporated (adusbser) Modem (09/21/2006 2.0.3.2) "5C49EB77B7315FA2E925C43BA449BB322C4D9418" = Pakiet sterowników systemu Windows - AnyDATA Corporation (adusbser) Ports (09/21/2006 2.0.3.2) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AIMP2" = AIMP2 "Autodesk Express Viewer" = Autodesk Express Viewer "CdaC13Ba" = SafeCast Shared Components "DRUKI IPS_is1" = DRUKI IPS "Easy Wireless Net" = Easy Wireless Net V3.127.09 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HECI" = Intel(R) Management Engine Interface "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 2.2.5 "Konwerter_0" = Konwerter Nowy Dwor Maz 1.10 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "MikroMap" = MikroMap "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Opera 11.61.1250" = Opera 11.61 "Operat" = Operat "PDF To BMP JPG TIFF Converter_is1" = PDF to BMP JPG TIFF Converter 2.32 "Program Pit 2009 - rozliczenie roczne podatku dochodowego_is1" = Program Pit 2009 - wersja 3.0.0.10 "Samsung ML-2010 Series" = Samsung ML-2010 Series "ST6UNST #1" = ODGiK-net - klient dla Win98/Me/NT/2000/XP "SubEdit-Player_is1" = SubEdit-Player "Vividas Player Plugin_is1" = Vividas Player Plugin v4.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinKalk" = WinKalk "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-02-26 17:14:31 | Computer Name = GABRYSIA | Source = JavaQuickStarterService | ID = 1 Description = Error - 2012-02-26 17:14:33 | Computer Name = GABRYSIA | Source = PerfNet | ID = 2002 Description = Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2012-02-26 17:25:29 | Computer Name = GABRYSIA | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2012-02-26 18:03:33 | Computer Name = GABRYSIA | Source = JavaQuickStarterService | ID = 1 Description = Error - 2012-02-26 18:03:36 | Computer Name = GABRYSIA | Source = PerfNet | ID = 2002 Description = Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2012-02-26 18:10:05 | Computer Name = GABRYSIA | Source = PerfNet | ID = 2002 Description = Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2012-02-26 18:19:33 | Computer Name = GABRYSIA | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2012-02-27 15:54:19 | Computer Name = GABRYSIA | Source = PerfNet | ID = 2002 Description = Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2012-02-27 16:04:19 | Computer Name = GABRYSIA | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL. Error - 2012-02-27 16:32:17 | Computer Name = GABRYSIA | Source = PerfNet | ID = 2002 Description = Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2012-02-27 16:04:20 | Computer Name = GABRYSIA | Source = Microsoft Antimalware | ID = 2001 Description = Program %%860 napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.119.2291.0 Źródło aktualizacji: %%851 Etap aktualizacji %%852 Ścieżka źródła: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.8001.0&avdelta=1.119.2291.0&asdelta=1.119.2291.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Typ podpisu: %%801 Typ aktualizacji: %%803 Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.8001.0 Kod błędu: 0x80072ee7 Opis błędu: The server name or address could not be resolved Error - 2012-02-27 16:32:06 | Computer Name = GABRYSIA | Source = Workstation | ID = 5727 Description = Nie można załadować sterownika urządzenia MRxSmb. Error - 2012-02-27 16:32:06 | Computer Name = GABRYSIA | Source = Workstation | ID = 5727 Description = Nie można załadować sterownika urządzenia RDR. Error - 2012-02-27 16:32:18 | Computer Name = GABRYSIA | Source = Service Control Manager | ID = 7024 Description = Usługa Stacja robocza zakończyła działanie; wystąpił specyficzny dla niej błąd 2250 (0x8CA). Error - 2012-02-27 16:32:18 | Computer Name = GABRYSIA | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu: %%1066 Error - 2012-02-27 16:32:19 | Computer Name = GABRYSIA | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: MRxSmb pavboot Error - 2012-02-27 16:32:23 | Computer Name = GABRYSIA | Source = Workstation | ID = 5727 Description = Nie można załadować sterownika urządzenia MRxSmb. Error - 2012-02-27 16:32:23 | Computer Name = GABRYSIA | Source = Workstation | ID = 5727 Description = Nie można załadować sterownika urządzenia RDR. Error - 2012-02-27 16:32:23 | Computer Name = GABRYSIA | Source = Service Control Manager | ID = 7024 Description = Usługa Stacja robocza zakończyła działanie; wystąpił specyficzny dla niej błąd 2250 (0x8CA). Error - 2012-02-27 16:32:23 | Computer Name = GABRYSIA | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Stacja robocza, której nie można uruchomić z powodu następującego błędu: %%1066 < End of report >