OTL Extras logfile created on: 2012-07-30 16:23:48 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\KG\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 253,25 Mb Available Physical Memory | 24,74% Memory free 2,40 Gb Paging File | 1,59 Gb Available in Paging File | 66,17% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 49,51 Gb Free Space | 50,70% Space Free | Partition Type: NTFS Computer Name: ANGELIKA | User Name: KG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1292428093-602162358-1801674531-1004\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- C:\Documents and Settings\KG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{12A96BCD-94F3-4842-BBFB-9957D678B4D4}" = e-CAS "{1F507073-75D3-4900-9200-9973517FC57A}" = PBX Unified Maintenance Console "{1FAF0F08-7120-4192-BF6A-B1EC7E26A935}" = UPSVCMM "{2232C5FA-6FB6-43AB-AE03-52594F1022E7}" = Programer Fama Standard "{2511D82C-2688-41C2-ABF8-AF237795989B}" = pdfforge Toolbar v6.2 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{2A033A00-FE0D-4609-B0E8-2C49CC494FC8}" = WorldShip "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{33035862-543C-4405-9CC6-08593CF2C25F}" = ReportServer "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{390160B4-D276-4A04-8002-8D3101A0D367}" = UPSICC "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43592B2E-C393-433F-8D0E-5A4B15A8C786}" = Microsoft Antimalware Service PL-PL Language Pack "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{49272E0B-CF97-4BD6-85A0-9B1C59495850}_is1" = Able2Extract 7.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client PL-PL Language Pack "{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}" = Oprogramowanie Panasonic Multi-Function Station "{56B59C2A-EFB8-44AC-88F5-3280171E4522}" = PolicyManager "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58B785A2-D2CA-40AA-AE89-FCC49326CDC4}" = OpenOffice.org 3.2 "{5AE59A84-B2F3-42CC-A246-5AF80F6EE770}" = Reconciler "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{68AF09E3-1167-4771-903C-CCCDCF7E171C}" = NRF "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A69D94E-C569-4154-9643-72E94D1DDFDA}" = XPS Essentials Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{81ED9FEC-123F-47E1-AC89-BC5F8BA318C8}" = Programer Fama Pro "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C5BD501-AD5D-4A75-9321-076509B438FC}" = WebHelp "{8D0F79F4-0B4F-4263-B885-BA18174BD15E}" = BALANCE Lite "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{90140000-006D-0415-0000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English "{91170415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003 "{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}" = Brother MFL-Pro Suite "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95749C5B-BC37-41E3-8D39-EEF4C21A2825}" = CCC "{96327C3C-96BE-4C7A-A6F7-A71635E5949A}" = Microsoft SQL Server 2005 Backward compatibility "{980EC6D7-A345-4489-A915-39CC50F37EC2}" = BizAgi Process Modeler "{99C61552-08FD-4A64-9DEE-9B1A6782DF39}" = Multi-Function Station Operating Instruction "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BC728F95-2D3F-4D05-9E1E-F2A3CEBF3FE8}" = FormsComponent "{BE70E819-388D-40CD-B0BF-3C97FFA388FC}" = Gigaset WLAN Adapter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C30E30A6-0AB5-470A-AB67-D322938F5429}" = SupportUtility "{C3CF41F1-0373-4DD7-BE99-F33B00E51045}" = Nero 7 Essentials "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{C9D43B38-34AD-4EC2-B696-46F42D49D174}" = MSIChecker "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D44E7219-947E-4F1B-830E-66EF11ACC543}" = NA1Messenger "{DB2C58E0-6284-4B48-97F2-22A980B6360B}" = System "{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0 "{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}" = UPSlinkHTTP "{EA9629DA-5715-48BA-B054-28169702B176}" = FOSS "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{EF5B455C-7FAA-4978-BB92-29CEBD013C9C}" = KX-TE Maintenance Console "{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Able2Extract v6.0" = Able2Extract v6.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AQQ" = WapSter AQQ "Button Generator_is1" = Button Generator v1.0.3 "CSVed_is1" = CSVed 2.1.4 "DRUKI IPS_is1" = DRUKI IPS "Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2 "Foxit PDF Editor" = Foxit PDF Editor "Gadu-Gadu 10" = Gadu-Gadu 10 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{980EC6D7-A345-4489-A915-39CC50F37EC2}" = BizAgi Process Modeler "InstallShield_{BE70E819-388D-40CD-B0BF-3C97FFA388FC}" = Gigaset WLAN Adapter "InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0 "IrfanView" = IrfanView (remove only) "Lexmark Pro5500 Series" = Lexmark Pro5500 Series Program odinstalowujący "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23) "MozillaMaintenanceService" = Mozilla Maintenance Service "NIS" = Norton Internet Security "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "Simpo PDF Password Remover_is1" = Simpo PDF Password Remover 1.0.0.0 "SMPlayer" = SMPlayer 0.8.0 "Totalcmd" = Total Commander (Remove or Repair) "UPS WorldShip" = UPS WorldShip "Windows Media Format Runtime" = Windows Media Format Runtime "WinGimp-2.0_is1" = GIMP 2.6.11 "Winmail Opener" = Winmail Opener 1.4 "WinRAR archiver" = Archiwizator WinRAR "XpsEP" = XPS Essentials Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1292428093-602162358-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Advanced PDF Password Recovery" = Advanced PDF Password Recovery "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-26 09:00:56 | Computer Name = ANGELIKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd acrord32.exe, wersja 6.0.1.1091, moduł powodujący błąd acrord32.exe, wersja 6.0.1.1091, adres błędu 0x00150bd4. Error - 2012-07-26 11:24:03 | Computer Name = ANGELIKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113c0. Error - 2012-07-27 03:03:06 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-27 06:24:03 | Computer Name = ANGELIKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113c0. Error - 2012-07-30 02:54:42 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-30 04:40:14 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-30 04:52:20 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-30 06:57:08 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-30 07:29:37 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. Error - 2012-07-30 07:44:58 | Computer Name = ANGELIKA | Source = CVHSVC | ID = 100 Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError. [ System Events ] Error - 2012-07-30 04:51:41 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 04:51:42 | Computer Name = ANGELIKA | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2012-07-30 09:25:10 | Computer Name = ANGELIKA | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\D wystąpił zły blok. Error - 2012-07-30 09:25:11 | Computer Name = ANGELIKA | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\D wystąpił zły blok. Error - 2012-07-30 09:25:11 | Computer Name = ANGELIKA | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\D wystąpił zły blok. < End of report >