OTL Extras logfile created on: 2013-10-18 19:30:35 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = F:\vir Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 610,46 Mb Available Physical Memory | 59,65% Memory free 2,40 Gb Paging File | 1,85 Gb Available in Paging File | 77,03% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 60,00 Gb Total Space | 26,96 Gb Free Space | 44,93% Space Free | Partition Type: NTFS Drive F: | 238,08 Gb Total Space | 231,37 Gb Free Space | 97,18% Space Free | Partition Type: NTFS Computer Name: TADEK-2009-03 | User Name: Tadek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-796845957-2111687655-839522115-1003\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Documents and Settings\Tadek\Dane aplikacji\File Scout\filescout.exe" /open "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard "{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload "{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{41564952-412D-5637-00A7-A758B70C0202}" = Avira SearchFree Toolbar plus Web Protection "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy "{561ECD12-526E-4BD2-9194-5BA6A10E9986}" = Pit Pro 2011 "{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch "{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B "{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware "{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C9DDCAA-91E1-4DAA-BC65-68BD80546B98}}_is1" = PIT-OPP 2011 "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme "{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1" = Tetris "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B01E1F18-E453-4B6B-BD2E-8F2F6CCFEBF5}" = Samsung PC Studio 3 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype "{B7C79672-0CE8-4EA1-BEB5-1D9019B9DADB}_is1" = PIT-OPP 2012 wersja 1.0.3 "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan "{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb "{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant "{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express "{FF35F637-72B9-43BE-A281-06EB2854393A}" = 3DMark03 "{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) "6194C28A8F62DD817EA1B918E6E46E806A21B452" = Pakiet sterowników systemu Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) "65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Pakiet sterowników systemu Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazing Tetris" = Amazing Tetris "Ares" = Ares 2.1.1 "ATI Display Driver" = ATI Display Driver "Atomica Deluxe" = Atomica Deluxe "AVIcodec" = AVIcodec (remove only) "Avira AntiVir Desktop" = Avira Free Antivirus "delta" = Delta toolbar "Delta Chrome Toolbar" = Delta Chrome Toolbar "DrTaxPL_Lite_2011" = Dr. Tax Light - PIT 2011 11.3.12 "eMule Plus_is1" = eMule Plus 1.2d "Gadu-Gadu" = Gadu-Gadu 7.7 "GameDesire-Boards" = GameDesire-Boards "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HD Tune_is1" = HD Tune 2.55 "HP Imaging Device Functions" = HP Imaging Device Functions 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3 "HPExtendedCapabilities" = HP Extended Capabilities 5.3 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Jewel Quest" = Jewel Quest "Kingdom Elemental" = Kingdom Elemental "Kurka Wodna 2" = Kurka Wodna 2 "Kurka Wodna 3" = Kurka Wodna 3 "Kurka Wodna_is1" = Kurka Wodna "Luxor" = Luxor "Magic Ball 2" = Magic Ball 2 "Mario Forever" = Mario Forever "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "neostradatp.exe" = neostrada tp "NeroMultiInstaller!UninstallKey" = Nero Suite "NSP_2011_is1" = NSP 2011 2.0.2 "NVIDIA Drivers" = NVIDIA Drivers "Picasa 3" = Picasa 3 "PIT Format 2011_is1" = PIT Format 2011 "PIT Format 2012_is1" = PIT Format 2012 "PITy 2011_is1" = PITy 2011 "PITy 2012_is1" = PITy 2012 "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "Strip Poker Exclusive 3" = Strip Poker Exclusive 3 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "Zuma Deluxe" = Zuma Deluxe [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-796845957-2111687655-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Antivirus Security Pro" = Antivirus Security Pro [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-10-17 14:29:58 | Computer Name = TADEK-2009-03 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.5512, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0164e7b0. [ System Events ] Error - 2013-10-18 12:42:15 | Computer Name = TADEK-2009-03 | Source = DCOM | ID = 10010 Description = Serwer {44CBC005-6243-4502-8A02-3A096A282664} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2013-10-18 12:48:24 | Computer Name = TADEK-2009-03 | Source = DCOM | ID = 10010 Description = Serwer {44CBC005-6243-4502-8A02-3A096A282664} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2013-10-18 13:00:34 | Computer Name = TADEK-2009-03 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2013-10-18 13:01:16 | Computer Name = TADEK-2009-03 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2013-10-18 13:01:46 | Computer Name = TADEK-2009-03 | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2013-10-18 13:01:46 | Computer Name = TADEK-2009-03 | Source = Service Control Manager | ID = 7001 Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2013-10-18 13:01:46 | Computer Name = TADEK-2009-03 | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2013-10-18 13:01:46 | Computer Name = TADEK-2009-03 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD avipbb avkmgr Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss ssmdrv StarOpen Tcpip Error - 2013-10-18 13:12:34 | Computer Name = TADEK-2009-03 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2013-10-18 13:15:21 | Computer Name = TADEK-2009-03 | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1060 < End of report >