OTL Extras logfile created on: 2012-07-06 09:12:11 - Run 3 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\MZawadzak\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,72 Gb Available Physical Memory | 36,12% Memory free 4,00 Gb Paging File | 2,54 Gb Available in Paging File | 63,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 85,38 Gb Total Space | 61,53 Gb Free Space | 72,07% Space Free | Partition Type: NTFS Drive D: | 32,78 Gb Total Space | 32,69 Gb Free Space | 99,73% Space Free | Partition Type: NTFS Drive E: | 30,89 Gb Total Space | 30,81 Gb Free Space | 99,71% Space Free | Partition Type: NTFS Computer Name: MZAWADZAK-PC | User Name: MZawadzak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .js [@ = JSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) .jse [@ = JSEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) .vbe [@ = VBEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) .vbs [@ = VBSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) .wsf [@ = WSFFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) .wsh [@ = WSHFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E289413-E1F4-4318-8EBE-A6E39F7073CD}" = lport=139 | protocol=6 | dir=in | app=system | "{25B82AE8-26D6-4DFA-8CC7-CF07514BE91B}" = rport=137 | protocol=17 | dir=out | app=system | "{25DDEF93-7A32-4976-802E-1E09AD77FEC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{36CEC5DE-FA99-46F3-9053-E53E069EE13B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{36E98DD9-1AAD-408A-A23E-0A787E547EF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{54210BA5-5150-4574-B690-9CE4FC7F1958}" = rport=138 | protocol=17 | dir=out | app=system | "{5C38CEB1-E91A-42A1-9E79-A2D95026D635}" = lport=2869 | protocol=6 | dir=in | app=system | "{65B3B6DF-8DFA-47DE-AE37-7FF177236301}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{73448669-8C6B-41DB-917A-5DDFB8BF24E4}" = lport=445 | protocol=6 | dir=in | app=system | "{8BE2C51B-9A58-42E0-A3E0-3B72FE605650}" = lport=137 | protocol=17 | dir=in | app=system | "{B4E9801E-3A7C-4DAF-A546-CA07150E911B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B759524E-ABE7-4D0E-9DBF-8D2CB8D2163B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C624E320-EC8E-4B4C-94FA-EC8CFF91AA91}" = rport=445 | protocol=6 | dir=out | app=system | "{CA976BC0-B3ED-47C2-9C8D-11218012B5F9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D13DEB2D-80EA-4D69-8698-E248720E5D70}" = lport=138 | protocol=17 | dir=in | app=system | "{DEADAE4B-A6E6-46E5-8AEC-1647896AD886}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ED3CC260-55B4-48B6-963B-6748D1FACCC3}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{14639CE1-074A-45C6-8D0D-5E56032BB530}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{1FDD1E0D-CC97-4AC5-B775-1BBB5D7E6EB0}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{2203B319-A552-4DF9-ACCF-3B046B91CC51}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{3A5FAB99-9130-4361-BB75-1C02A7F4F597}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{553785EA-3D4C-4379-95DB-631B92CF630B}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{64EE927C-CEE3-4683-BAB0-2FB00B22613E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6C07812F-BB47-4320-AD2C-C702D91D68E6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6E16345D-C870-4DC7-AF35-448DED841650}" = protocol=6 | dir=in | app=c:\users\mzawadzak\appdata\local\google\google talk plugin\googletalkplugin.exe | "{9CD80CD4-E5F5-4C5D-8F90-D27BAD796F8A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9F94BBBE-5249-48F1-B7D8-E3A29C8289BB}" = protocol=17 | dir=in | app=c:\users\mzawadzak\appdata\local\google\google talk plugin\googletalkplugin.exe | "{ACC46B9D-E1F7-404C-87FA-FAFB9A8569C5}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{AF2E14DC-DD24-46A4-ACFB-EF96FA656B4C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{BAE56C1F-7FB8-49B1-B70E-5A2AC06D6402}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BBA5CCCA-E17D-426C-9853-C147C7AB8855}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E71E9DE8-9B39-4FA5-93F1-FEAEAA4D2CA4}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{EB22DA2B-437C-451F-853C-D68FD8CF2F66}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F781BBE2-DBC0-41C2-80AA-333B5C046413}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "TCP Query User{5E3F8FD8-2509-4D0F-93BE-E350FAC1D0BF}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{62564B02-4DF4-4218-8FCE-D7A7A2FA50B5}C:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe" = protocol=6 | dir=in | app=c:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe | "TCP Query User{BC8C69C9-ABD3-4C4A-BA59-CD9458D650A3}C:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe" = protocol=6 | dir=in | app=c:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe | "TCP Query User{F788ED63-42F3-4DC8-9510-633DEF815C10}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{1396758C-8388-4678-B81F-3B0AB3C7BB95}C:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe" = protocol=17 | dir=in | app=c:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe | "UDP Query User{B997FD3B-1E77-4AD8-8C2F-418DACF38EC7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{C4141FA1-D64A-410A-98A3-E1CC7A466A5D}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{CAF0A891-B320-4407-A5E0-C59D57BFE6DF}C:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe" = protocol=17 | dir=in | app=c:\program files\panda security\panda antivirus pro 2011\apvxdwin.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS "{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}" = NETGEAR WNA1000M Wireless USB 2.0 Adapter "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant "{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}" = pdfforge Toolbar v6.0 "{975C3A93-2491-3D44-A071-F6CBF153E46D}" = Google Talk Plugin "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{B1D3568D-BC21-4C50-92A5-2396570DF1DE}_is1" = Panda Secure Vault 5 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D1999042-FC82-4098-96B8-510A857C8EA8}" = Google AdWords Editor "{DA4CCF2D-87DC-42AA-9BF4-5F4884B7A27B}" = NETGEAR WNA1000M Wireless USB 2.0 Adapter "{E55FB276-73C9-4776-AB53-BC028C0509ED}" = Panda Antivirus Pro 2011 "{E9637CBC-A784-4E9E-973C-47D05868B7FD}" = Panda Antivirus Pro 2011 "{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "FileZilla Client" = FileZilla Client 3.3.5.1 "Gadu-Gadu" = Gadu-Gadu 7.7 "Google Chrome" = Google Chrome "InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}" = NETGEAR WNA1000M Wireless USB 2.0 Adapter "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "Mozilla Thunderbird 13.0.1 (x86 pl)" = Mozilla Thunderbird 13.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "Opera 12.00.1467" = Opera 12.00 "Screaming Frog SEO Spider" = Screaming Frog SEO Spider "SiteMap Generator_is1" = SiteMap Generator 0.972 (beta) "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "Xenu's Link Sleuth" = Xenu's Link Sleuth [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-05 09:44:54 | Computer Name = mzawadzak-pc | Source = Google Update | ID = 20 Description = Error - 2012-07-05 09:44:58 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 9000 Description = Error - 2012-07-05 09:44:59 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 7040 Description = Error - 2012-07-05 09:44:59 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 9002 Description = Error - 2012-07-05 09:44:59 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 3029 Description = Error - 2012-07-05 09:45:02 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 3029 Description = Error - 2012-07-05 09:45:02 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 3028 Description = Error - 2012-07-05 09:45:02 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 3058 Description = Error - 2012-07-05 09:45:02 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 7010 Description = Error - 2012-07-05 09:45:02 | Computer Name = mzawadzak-pc | Source = Windows Search Service | ID = 7042 Description = [ System Events ] Error - 2012-01-13 03:42:35 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Search. Error - 2012-01-13 03:42:35 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1053 Error - 2012-01-13 03:42:35 | Computer Name = mzawadzak-pc | Source = DCOM | ID = 10005 Description = Error - 2012-01-13 11:57:32 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7023 Description = Usługa Panda On-Access Anti-Malware Service zakończyła działanie; wystąpił następujący błąd: %%1 Error - 2012-01-16 03:55:53 | Computer Name = mzawadzak-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error - 2012-01-16 03:57:42 | Computer Name = mzawadzak-pc | Source = DCOM | ID = 10005 Description = Error - 2012-01-16 03:57:42 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Search. Error - 2012-01-16 03:57:42 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1053 Error - 2012-01-16 11:45:43 | Computer Name = mzawadzak-pc | Source = Service Control Manager | ID = 7023 Description = Usługa Panda On-Access Anti-Malware Service zakończyła działanie; wystąpił następujący błąd: %%1 Error - 2012-01-17 03:36:02 | Computer Name = mzawadzak-pc | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 < End of report >