OTL Extras logfile created on: 2012-09-25 20:20:47 - Run 4 OTL by OldTimer - Version 3.2.68.0 Folder = D:\bezpieczenstwo2 Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 1023,37 Mb Total Physical Memory | 513,61 Mb Available Physical Memory | 50,19% Memory free 2,40 Gb Paging File | 2,00 Gb Available in Paging File | 83,38% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 5,86 Gb Total Space | 1,21 Gb Free Space | 20,63% Space Free | Partition Type: NTFS Drive D: | 15,63 Gb Total Space | 0,71 Gb Free Space | 4,53% Space Free | Partition Type: NTFS Drive E: | 15,70 Gb Total Space | 0,03 Gb Free Space | 0,18% Space Free | Partition Type: NTFS Computer Name: ZXC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l .js [@ = JSFile] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\wazne-nie ruszac\firefox-12.0b6\firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDBrowse] -- "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- "C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe" /dde (GP Software) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\utorrent.exe" = C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\utorrent.exe:*:Enabled:µTorrent "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies) "C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\utorrent_.exe" = C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\utorrent_.exe:*:Enabled:µTorrent -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00010415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{556DF27F-5B74-11D5-B876-004005E12EF1}" = GPSoftware Directory Opus "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}" = Ad-Aware SE Personal "{82CE6B7B-9665-4E29-8CE0-DD993484B38D}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{915153F8-1429-40AE-B005-E3BFA7097672}" = Audiggle "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio "{B510A987-487E-4C66-9F4F-D386AC275715}" = TextPad 4.7 "{CECE394E-1962-4BBC-9C04-7258A0542A44}" = Febooti fileTweak "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007 "{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1" = NeoDownloader 2.02 "7-Zip" = 7-Zip 4.42 "8663B5B9069C096791B6162C2B1B04053C00EBE6" = Windows Driver Package - Intel (w29n51) net (11/07/2006 9.0.4.27) "A2BACE4048444B1B2AE2318E9DA0617677769B99" = Windows Driver Package - Intel (NETw3x32) net (11/15/2006 10.5.1.75) "ACDSee" = ACDSee "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = ATI - Software Uninstall Utility "AsfTools 3.1" = AsfTools 3.1 (remove only) "ATI Display Driver" = ATI Display Driver "CCleaner" = CCleaner (remove only) "CDisplay_is1" = CDisplay 1.8 "CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.9x Modem "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-06-26 "EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0) "Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up "Exact Audio Copy" = Exact Audio Copy 1.0beta1 "FLAC" = FLAC 1.2.1b (remove only) "foobar2000" = foobar2000 v0.9.4.3 "Halite_is1" = Halite 0.2.9 "HijackThis" = HijackThis 2.0.2 "InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller "IrfanView" = IrfanView (remove only) "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "MKVtoolnix" = MKVtoolnix 3.1.0 "Mp3tag" = Mp3tag v2.47b "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "Net Transport_is1" = Net Transport 1.91.271 "Notepad++" = Notepad++ "Opera 11.10.2092" = Opera 11.10 "Plus Internet_is1" = Plus Internet 2.3 "ProInst" = Intel PROSet Wireless "Puran Utilities_is1" = Puran Utilities 1.0.2 "ReNamer_is1" = ReNamer "SmartWhois" = SmartWhois "Tunatic" = Tunatic "uTorrent" = µTorrent "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "whereisit-wii_is1" = WhereIsIt? 3.81 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = Archiwizator WinRAR "XviD_is1" = XviD 1.1 final uninstall [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "TimeAdjuster" = Time Adjuster STANDARD 3.1 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-05 12:22:35 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application foxit_reader.exe, version 2.0.2007.1606, faulting module foxit_reader.exe, version 2.0.2007.1606, fault address 0x000e6299. Error - 2012-08-05 12:22:50 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application foxit_reader.exe, version 2.0.2007.1606, faulting module foxit_reader.exe, version 2.0.2007.1606, fault address 0x000e613f. Error - 2012-08-05 12:23:16 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application foxit_reader.exe, version 2.0.2007.1606, faulting module foxit_reader.exe, version 2.0.2007.1606, fault address 0x000e613f. Error - 2012-08-05 12:23:35 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application foxit_reader.exe, version 2.0.2007.1606, faulting module foxit_reader.exe, version 2.0.2007.1606, fault address 0x000e613f. Error - 2012-08-31 12:18:07 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module acdsee.exe, version 3.1.0.0, fault address 0x000a1562. Error - 2012-09-12 13:43:18 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module acdsee.exe, version 3.1.0.0, fault address 0x000a7f40. Error - 2012-09-12 14:00:45 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module acdsee.exe, version 3.1.0.0, fault address 0x000a7f40. Error - 2012-09-22 07:10:47 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module acdsee.exe, version 3.1.0.0, fault address 0x000bd844. Error - 2012-09-22 10:28:55 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application kbpiut63.exe, version 1.0.15.15641, faulting module kbpiut63.exe, version 1.0.15.15641, fault address 0x0000c676. Error - 2012-09-23 12:51:30 | Computer Name = ZXC | Source = Application Error | ID = 1000 Description = Faulting application acdsee.exe, version 3.1.0.0, faulting module acdsee.exe, version 3.1.0.0, fault address 0x00099856. [ System Events ] Error - 2012-09-25 12:14:28 | Computer Name = ZXC | Source = Print | ID = 23 Description = Printer HP DeskJet failed to initialize because a suitable HP DeskJet driver could not be found. Error - 2012-09-25 12:14:28 | Computer Name = ZXC | Source = Print | ID = 23 Description = Printer Microsoft Office Live Meeting 2007 Document Writer failed to initialize because a suitable Microsoft Office Live Meeting 2007 Document Writer Driver driver could not be found. Error - 2012-09-25 12:14:45 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 12:14:45 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 12:14:45 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 14:01:58 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 14:01:58 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 14:01:58 | Computer Name = ZXC | Source = DCOM | ID = 10016 Description = The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. Error - 2012-09-25 14:02:22 | Computer Name = ZXC | Source = Print | ID = 23 Description = Printer HP DeskJet failed to initialize because a suitable HP DeskJet driver could not be found. Error - 2012-09-25 14:02:22 | Computer Name = ZXC | Source = Print | ID = 23 Description = Printer Microsoft Office Live Meeting 2007 Document Writer failed to initialize because a suitable Microsoft Office Live Meeting 2007 Document Writer Driver driver could not be found. < End of report >