OTL Extras logfile created on: 3/4/2013 8:08:46 AM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop\sprawdznie combo\32 bity\OTL Windows XP Windows XP Embedded Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 765.97 Mb Total Physical Memory | 167.14 Mb Available Physical Memory | 21.82% Memory free 1.83 Gb Paging File | 1.23 Gb Available in Paging File | 67.21% Paging File free Paging file location(s): D:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8.01 Gb Total Space | 6.29 Gb Free Space | 78.63% Space Free | Partition Type: NTFS Drive D: | 21.81 Gb Total Space | 20.25 Gb Free Space | 92.84% Space Free | Partition Type: NTFS Computer Name: OEM-NIEPNN8FGEP | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:LocalSubnet:Disabled:NetBIOS Name Service "138:UDP" = 138:UDP:LocalSubnet:Disabled:NetBIOS Datagram Service "139:TCP" = 139:TCP:LocalSubnet:Disabled:NetBIOS Session Service "445:TCP" = 445:TCP:LocalSubnet:Disabled:SMB over TCP "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:SSDP "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnp Framework over TCP "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP) "3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "137:UDP" = 137:UDP:LocalSubnet:Disabled:NetBIOS Name Service "138:UDP" = 138:UDP:LocalSubnet:Disabled:NetBIOS Datagram Service "139:TCP" = 139:TCP:LocalSubnet:Disabled:NetBIOS Session Service "445:TCP" = 445:TCP:LocalSubnet:Disabled:SMB over TCP "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:SSDP "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnp Framework over TCP "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP) "3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping "5902:TCP" = 5902:TCP:*:Enabled:WinSEVnc_Port "5900:TCP" = 5900:TCP:*:Enabled:WinVNC_Port "5800:TCP" = 5800:TCP:*:Enabled:WinVNC_Port "5500:TCP" = 5500:TCP:*:Enabled:WinVNC_Port "6100:TCP" = 6100:TCP:*:Enabled:Synchronize Port "6101:TCP" = 6101:TCP:*:Enabled:Synchronize Port "6200:TCP" = 6200:TCP:*:Enabled:Synchronize Port [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic -- (Microsoft Corporation) "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic -- (Microsoft Corporation) "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation) "C:\Program Files\MagicInfo-i Premium\Client\MpTicker.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpTicker.exe:*:Enabled:MpTicker -- (TODO: <회사 이름>) "C:\Program Files\MagicInfo-i Premium\Client\MpUpdater.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpUpdater.exe:*:Enabled:MpUpdater -- () "C:\Program Files\MagicInfo-i Premium\Client\LFD_FlashUpdate.exe" = C:\Program Files\MagicInfo-i Premium\Client\LFD_FlashUpdate.exe:*:Enabled:LFD_FlashUpdate -- (SAMSUNG) "C:\Program Files\MagicInfo-i Premium\Client\MpVirtualKeybd.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpVirtualKeybd.exe:*:Enabled:MpVirtualKeybd -- () "C:\Program Files\RemoteDisplayControl\RemoteDisplayControl.exe" = C:\Program Files\RemoteDisplayControl\RemoteDisplayControl.exe:*:Enabled:RDC -- (Samsung Electronics) "C:\Program Files\MagicInfo-i Premium\Client\MpWatcher.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpWatcher.exe:*:Enabled:MagicInfo-i Watcher Premium -- () "C:\Program Files\MagicInfo-i Premium\Client\MpFileTransfer.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpFileTransfer.exe:*:Enabled:MagicInfo-i FileTransfer Premium -- () "C:\Program Files\MagicInfo-i Premium\Client\MpAgent.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpAgent.exe:*:Enabled:MagicInfo-i Agent Premium -- () "C:\Program Files\MagicInfo-i Premium\Client\UltraVNC\winvnc.exe" = C:\Program Files\MagicInfo-i Premium\Client\UltraVNC\winvnc.exe:*:Enabled:winvnc -- (UltraVNC) "C:\Program Files\MagicInfo-i Premium\Client\MpPlayer.exe" = C:\Program Files\MagicInfo-i Premium\Client\MpPlayer.exe:*:Enabled:MagicInfo-i Player Premium -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0623861A-5BB6-42CF-8843-F77370F217CA}" = MagicInfo-i Premium Edition Client V1.0 Build NA-MIIPP-1009.7 "{0A5196B1-F2C7-E579-1739-D42BC845CFAA}" = CCC Help Chinese Standard "{1240FED4-4F91-4DED-92D8-5D76ACB43D19}" = LFD Remote Display Control "{1299DFC3-2BB0-3D34-F91E-4FF9C11D4135}" = Catalyst Control Center InstallProxy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{33829097-3E59-7D3C-E21F-0B5040ED4763}" = Skins "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3FEE32EA-B572-9A53-35FB-F138AA524C97}" = ccc-utility "{5243E900-829A-5270-635C-3AE026CB2D4D}" = CCC Help Thai "{71A9653A-A850-676A-8636-79486376C48D}" = CCC Help Chinese Traditional "{725C6E15-C202-5697-E65D-4749F1B2BC57}" = CCC Help Japanese "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7569D756-ACFE-E26B-00B3-8E889C902654}" = CCC Help Korean "{80FCAEE3-CEDA-1836-530C-F8242BEC1D6F}" = Catalyst Control Center Localization All "{86B94471-34B1-7CBF-957B-DDD851F95422}" = ccc-core-static "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{D39B6E75-9D13-CF05-FC67-D097C2A68CEB}" = CCC Help English "{E08B9E10-C985-C460-6FDE-B61055E5B94F}" = ATI Catalyst Install Manager "{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}" = AMD OverDrive "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F86F3ED9-B22A-FA6F-F0E2-90A9702F05FC}" = ATI AVIVO Codecs "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "InstallShield_{0623861A-5BB6-42CF-8843-F77370F217CA}" = MagicInfo-i Premium Edition Client V1.0 Build NA-MIIPP-1009.7 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7000 Description = Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7001 Description = Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7000 Description = Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7001 Description = Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7023 Description = Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7000 Description = Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7001 Description = Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7000 Description = Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7001 Description = Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Service Control Manager | ID = 7023 Description = [ System Events ] Error - 12/1/2008 6:44:23 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Serial | ID = 393234 Description = No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found. Error - 12/1/2008 7:09:57 AM | Computer Name = OEM-NIEPNN8FGEP | Source = SRService | ID = 104 Description = The System Restore initialization process failed. Error - 12/1/2008 7:10:07 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Serial | ID = 393234 Description = No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found. Error - 12/1/2008 7:10:07 AM | Computer Name = OEM-NIEPNN8FGEP | Source = RegFilter | ID = 251658263 Description = The Registry Filter was unable to get Ram Disk device object. Error - 3/1/2013 4:41:48 AM | Computer Name = OEM-NIEPNN8FGEP | Source = SRService | ID = 104 Description = The System Restore initialization process failed. Error - 3/1/2013 4:41:59 AM | Computer Name = OEM-NIEPNN8FGEP | Source = Serial | ID = 393234 Description = No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found. Error - 3/1/2013 6:05:00 AM | Computer Name = OEM-NIEPNN8FGEP | Source = TermServDevices | ID = 1114 Description = Error communicating with the Spooler system service. Open the Services snap-in and confirm that the Print Spooler service is running. Error - 3/1/2013 6:58:43 AM | Computer Name = OEM-NIEPNN8FGEP | Source = TermServDevices | ID = 1114 Description = Error communicating with the Spooler system service. Open the Services snap-in and confirm that the Print Spooler service is running. Error - 3/1/2013 7:23:59 AM | Computer Name = OEM-NIEPNN8FGEP | Source = TermServDevices | ID = 1114 Description = Error communicating with the Spooler system service. Open the Services snap-in and confirm that the Print Spooler service is running. Error - 3/4/2013 4:01:24 AM | Computer Name = OEM-NIEPNN8FGEP | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service IISADMIN with arguments "" in order to run the server: {A9E69610-B80D-11D0-B9B9-00A0C922E750} < End of report >