OTL Extras logfile created on: 2012-09-18 17:05:13 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = E:\Instalki\antywirus Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,99 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,54% Memory free 4,19 Gb Paging File | 3,07 Gb Available in Paging File | 73,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 20,99 Gb Total Space | 3,77 Gb Free Space | 17,98% Space Free | Partition Type: NTFS Drive D: | 42,71 Gb Total Space | 2,31 Gb Free Space | 5,41% Space Free | Partition Type: NTFS Drive E: | 48,09 Gb Total Space | 11,01 Gb Free Space | 22,90% Space Free | Partition Type: NTFS Computer Name: KAROL-PC | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-235712798-2689714179-4185692529-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{29EBBFE9-179F-4CF5-882D-395D6AEC487B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{61180D27-A5BD-49FD-B0AF-44BCE7D22F7E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7D8EEB94-8B13-4708-98C2-FF6BAF7EBFB8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{9B7C03BE-FD98-460C-8A02-74200A2F70D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0502DA53-C0A1-43DB-AEEC-9623A8844E62}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{10A7FF09-0B4A-472F-A97E-6466D9C4EC5A}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{111CEF08-1270-4E8F-9182-706DF65C97CE}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{228535BC-2882-4721-803F-779526E3DCA6}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{22F811EB-E2DA-43E6-8608-02A040283325}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2BF64E2F-F1C6-4115-9175-0151F426FF7D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2EF4DFAE-F325-46D9-B699-65FE97B958E6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4BD4A598-6BC0-44C4-9808-EFD6D2D6DAAE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5ACB32A2-EBFE-412C-AAD9-92F765A096A9}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{8B27FAE7-8543-41D8-9823-4BD4208E6D75}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{9B58D06C-E4BD-4DB6-8B33-C866C1BB451B}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{C47B9A4C-C35A-404E-A9F8-8411B2DF2C14}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{CA11A3E5-E074-4387-B5F0-E551410E9A1A}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{393DAE9D-45BC-429A-A76B-EE888D11EA22}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{3CB7FA56-C3D5-4E5F-9CD9-504EFCF1B1B8}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{3EA9BA9D-4E1B-4B2F-9E9F-14FE5574B145}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{3F6B3CA8-0BBB-471B-8D85-D029AFEED5A9}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{63717EEC-40A4-4BA9-AA96-6476817B685D}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{73F97D38-2CA8-4CD4-BCAA-03C3EC8CEFC4}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{89E29C98-5876-4D82-8CE1-3C7948259747}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe | "TCP Query User{9B9D144D-D6E3-4D1C-993E-C859CF5E5B06}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{F1F97CBC-0384-40FD-AB0B-E5FEE0D54DA4}C:\users\karol\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=6 | dir=in | app=c:\users\karol\appdata\local\temp\cprogram filesopera\operaupgrader.exe | "UDP Query User{15D5B17A-A281-451B-AFCC-96B207FFE959}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{171BC8BD-4495-4B05-8BFB-5A0A06428C57}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{44A8DB0F-B388-47C6-AB21-7495D62C7494}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{72D33A82-50DB-4192-BA66-08A1784E13AD}C:\users\karol\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=17 | dir=in | app=c:\users\karol\appdata\local\temp\cprogram filesopera\operaupgrader.exe | "UDP Query User{751BCCF9-4B78-48B6-AD05-D745C212C1B4}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{8D717DA0-C121-45B7-A9BF-78C6A4AA942F}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{A7ADFBC5-8074-49C9-BA79-33BF818307D5}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe | "UDP Query User{BEBE131E-7CA1-4919-91CA-44F5018E8B45}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{D6A469ED-5FAC-4CC2-8FBC-B25379B54FFA}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6000 "{06FE635A-BE8C-4208-91A9-FB6E641A4F52}" = ArcSoft Panorama Maker 4 Pro "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3 "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Software 9.0 "{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF42DBD4-99DC-4DC4-B839-AA2E089C5F5F}" = The Bat! Professional v4.2.18 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "A5C76F143DE85710B0FDBABC39480EC492EE05CF" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avira AntiVir Desktop" = Avira Free Antivirus "BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218 "CCleaner" = CCleaner "DAEMON Tools Lite" = DAEMON Tools Lite "DC++" = DC++ 0.782 "GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70 "HaaliMkx" = Haali Media Splitter "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.8.3 "Matroska Pack" = Matroska Pack "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Nero Micro 9.2.6.02.2" = Nero Micro 9.2.6.0 Build.2.2 "Nokia Suite" = Nokia Suite "Opera 12.02.1578" = Opera 12.02 "PROSet" = Intel(R) PRO Network Connections Drivers "SopCast" = SopCast 3.2.8 "SwitchOff" = Switch Off "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "Winamp" = Winamp [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-12-08 15:05:19 | Computer Name = Karol-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2011-12-10 10:10:23 | Computer Name = Karol-PC | Source = Avira Antivirus | ID = 4118 Description = EXCEPTION calling function AVEPROC_InitEngine() for the file unknown [ACCESS_VIOLATION Exception!! EIP = 0x7312614a] Please inform Avira and submit the appropriate file! Error - 2011-12-18 08:02:32 | Computer Name = Karol-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd BESTplayer.exe, wersja 2.1.30.296, sygnatura czasowa 0x2a425e19, moduł powodujący błąd wmvdecod.dll, wersja 11.0.6000.6324, sygnatura czasowa 0x4549be1d, kod wyjątku 0xc0000005, przesunięcie błędu 0x000ed7d1, identyfikator procesu 0xd5c, godzina rozpoczęcia aplikacji 0x01ccbd7ce887ed04. Error - 2012-01-29 13:19:59 | Computer Name = Karol-PC | Source = Avira Antivirus | ID = 4118 Description = EXCEPTION calling function AVEPROC_TestFile() for the file C:\Users\Karol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSBS36G1\acollectionoflowers.book[1].jpg [ACCESS_VIOLATION Exception!! EIP = 0x1c93952] Please inform Avira and submit the appropriate file! Error - 2012-04-20 14:42:36 | Computer Name = Karol-PC | Source = Avira Antivirus | ID = 4118 Description = EXCEPTION calling function AVEPROC_InitEngine() for the file unknown [ACCESS_VIOLATION Exception!! EIP = 0x7255614a] Please inform Avira and submit the appropriate file! Error - 2012-05-10 12:53:11 | Computer Name = Karol-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2012-05-10 12:53:11 | Computer Name = Karol-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2012-08-08 15:46:55 | Computer Name = Karol-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2012-09-07 14:54:55 | Computer Name = Karol-PC | Source = EventSystem | ID = 4609 Description = Error - 2012-09-07 14:57:49 | Computer Name = Karol-PC | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 2012-09-18 10:52:28 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:42 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:42 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:42 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:47 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:47 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:47 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:52 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:53 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-09-18 10:52:53 | Computer Name = Karol-PC | Source = Service Control Manager | ID = 7001 Description = < End of report >