OTL Extras logfile created on: 02.11.2012 09:14:32 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy 1014,42 Mb Total Physical Memory | 464,47 Mb Available Physical Memory | 45,79% Memory free 2,38 Gb Paging File | 2,00 Gb Available in Paging File | 83,73% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 132,28 Gb Free Space | 88,75% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: PLANOWANIE2 | User Name: planowanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\UltraVNC\winvnc.exe" = C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:UltraVNC Server -- (UltraVNC) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation) "C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation) "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050F029F-2AC5-4438-858D-B5B273262239}_is1" = Drukuj wpłata-przelew "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio Data Module "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD Plus "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{5AF71003-1797-4D93-9F37-4F2125CBF539}" = Microsoft .NET Framework 2.0 Language Pack - PLK "{5BA16F95-7015-48C1-BBDB-5CBE00D0CE7E}" = OpenOffice.org 2.4 "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.2 "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio Audio Module "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio Copy Module "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}" = LightScribe System Software 1.12.29.2 "{EC561602-C0B9-4FAA-A175-1B3273639AC3}" = MySQL Tools for 5.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FB8A4E30-9915-4814-ADF9-42E00D9FDC3D}" = Symantec Endpoint Protection "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "HDMI" = Intel(R) Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - PLK" = Microsoft .NET Framework 2.0 — pakiet języka polskiego "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "PDF Complete" = PDF Complete "PIT 2009 z Gazetą Wyborczą_is1" = PIT 2009 z Gazetą Wyborczą ver. 6.0.1.0 "Pity Format 2010_is1" = Pity Format 2010 "PROSet" = Intel(R) PRO Network Connections Drivers "Rozliczenie Roczne Rzeczpospolitej 2010" = Rozliczenie Roczne Rzeczpospolitej 2010 "Totalcmd" = Total Commander (Remove or Repair) "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 02.11.2012 02:22:12 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 02:22:27 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 03:40:24 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 03:41:57 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 03:42:52 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd matrix_3_9_2.exe, wersja 3.9.2.584, moduł powodujący błąd matrix_3_9_2.exe, wersja 3.9.2.584, adres błędu 0x00041ff2. Error - 02.11.2012 03:53:47 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 03:54:41 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 03:57:22 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 04:02:11 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. Error - 02.11.2012 04:06:55 | Computer Name = PLANOWANIE2 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, moduł powodujący błąd infozdroje_6_12_11_1.exe, wersja 6.12.11.1669, adres błędu 0x0003c1e1. < End of report >