OTL Extras logfile created on: 2011-08-14 08:57:36 - Run 11 OTL by OldTimer - Version 3.2.69.0 Folder = I:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 1014,11 Mb Total Physical Memory | 409,17 Mb Available Physical Memory | 40,35% Memory free 3,02 Gb Paging File | 2,46 Gb Available in Paging File | 81,50% Paging File free Paging file location(s): C:\pagefile.sys 128 128D:\pagefil [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,68 Gb Total Space | 5,66 Gb Free Space | 36,11% Space Free | Partition Type: NTFS Drive D: | 24,80 Gb Total Space | 4,86 Gb Free Space | 19,59% Space Free | Partition Type: NTFS Drive E: | 16,91 Gb Total Space | 4,53 Gb Free Space | 26,79% Space Free | Partition Type: NTFS Drive F: | 17,14 Gb Total Space | 4,76 Gb Free Space | 27,76% Space Free | Partition Type: NTFS Drive I: | 1,90 Gb Total Space | 1,47 Gb Free Space | 77,55% Space Free | Partition Type: FAT Computer Name: Star87996 | User Name: STAR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm [@ = chm.file] -- "C:\WINDOWS\hh.exe" %1 .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- %SystemRoot%\System32\winhlp32.exe %1 .hta [@ = htafile] -- C:\WINDOWS\system32\mshta.exe "%1" %* .html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome .inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1 .ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1 .url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l .js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .reg [@ = regfile] -- regedit.exe "%1" .txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1 .vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %* [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 chm.file [open] -- "C:\WINDOWS\hh.exe" %1 cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe File not found Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L Drive [find] -- %SystemRoot%\Explorer.exe File not found Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00989200-325C-4910-8D7C-708529685D64}" = EWA_net_WIS_CaseOnline_Importer "{0F77E4F0-18DB-46E5-8560-6274B3CAE314}" = SDscan "{22A937EF-8C64-11D7-A9EE-00D009D07BEF}" = Star Diagnosis "{26A24AE4-039D-4CA4-87B4-2F83216038FF}" = Java(TM) 6 Update 38 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{278DB2A0-512A-4555-8BA0-C5D65E9DDC79}" = EWA_net_Client_Applications "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4422E282-7130-4D5E-A5B5-0951DDBAEEE6}" = Star Diagnosis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F0FBB13-FEFA-4ED9-83B4-EDAAA0780127}" = Online Update BG "{50E125D1-88E5-48CE-80AE-98EC9698E639}" = Symantec AntiVirus "{5CB91295-CEC5-4467-9C87-66F9C07B3127}" = XENTRY "{798F0367-5A2C-436A-A1A1-3871A04C14C2}" = SDconnect Toolkit "{7A997C02-81D4-4FEC-9C1C-F916611F8360}" = EWA_net_EPC "{7E3591D1-4454-47F9-9D1A-7EF23EEAFF13}" = SDnetControl "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{938CC5C4-0AD4-4120-831A-DC4FA7B85E8E}" = WIS net Standalone "{96497EAB-A0B9-409F-B7ED-E9807D21CDB7}" = Juniper Installer Service "{9C2DB50C-567D-4083-96A8-008E6ED057B8}" = "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0F1D697-0C8F-4563-A406-830AE52BCE65}" = EWA_net_WIS "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller "{D60DC091-FEA2-4DBA-9725-79FABB44D492}" = Arbortext IsoView 7.0 M010 "{D78A1468-84FD-4226-BB33-713A7EBE3028}" = Document_Installer "{DCC60C7D-2AAB-467D-A26A-9CA044D18F81}" = MoTelDiSPrep "{E68C5783-A1E6-4D4C-83D4-99DD470F3D94}" = EWA_net_Server "{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202 "{F41852C7-939E-49A3-A5A7-5E3A81C32A8B}" = EWA_net_Core "{F49AFE1E-A8F1-4764-9138-C82C8E617E2B}" = EWA_net_Admin "{F5A600F2-427F-4587-98D2-B0E6EBCB3D07}" = BWK Data forwarding Setup "0CE7791FB6D7F038DF668C0B04EFBF2887E8424A" = Windows Driver Package - Lexmark International Printer (01/28/2010 1.6) "556AE9FF91DC2E492F4D0094495FD43B8BB3B98C" = Windows Driver Package - HP Printer (04/18/2008 1.0.5.0) "9B8F92F621D617C20F275CD44F2863B0BC328CE4" = Windows Driver Package - Oki Printer (03/27/2007 1.0.0.0) "Adobe Acrobat 5.1" = "Adobe Acrobat 7.0" = Acrobat Reader 7.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Autodesk WHIP!" = Autodesk WHIP! (Release 4.0-102) "CABE1F92B0BD3FF86F75164FF396A32D964FFEDE" = Windows Driver Package - HP hp LaserJet 1160 (02/13/2007 61.063.461.42) "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem "EWA net" = EWA net "FDAAEC4A3FCD12B6B84A9EED17FDFFDE209B23B0" = Windows Driver Package - HP HP LaserJet P3005 PCL 6 (03/18/2008 61.074.561.43) "HardwareAssistent" = HardwareAssistent "HDMI" = Intel(R) Graphics Media Accelerator Driver "ie8" = Windows Internet Explorer 8 "InstallShield_{D60DC091-FEA2-4DBA-9725-79FABB44D492}" = Arbortext IsoView 7.0 M010 "InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}" = OZ776 SCR Driver V1.1.4.202 "Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control "LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NVIDIA Drivers" = NVIDIA Drivers "QuickTime" = QuickTime "ResourceHacker_is1" = Resource Hacker Version 3.6.0 "SDconnect Toolkit_is1" = SDconnect Toolkit 2.1.0.6 "SDexplorer" = SDexplorer "SDnetAssist" = SDnetAssist "SDprinterConfig" = SDprinterConfig "SDsecchange" = SDsecchange "SoftKeyStart" = SoftKeyStart "StarAnalysis" = StarAnalysis "StarTransfer" = StarTransfer "Totalcmd" = Total Commander (Remove or Repair) "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WLANSignalView" = WLANSignalView "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] Error: Unable to start EventLog service! < End of report >