OTL Extras logfile created on: 2013-09-11 21:45:22 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = G:\Programy\Programy do usówania wirusów Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,96 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 82,84% Memory free 4,80 Gb Paging File | 4,45 Gb Available in Paging File | 92,63% Paging File free Paging file location(s): E:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files Drive C: | 9,76 Gb Total Space | 8,77 Gb Free Space | 89,83% Space Free | Partition Type: FAT32 Drive E: | 48,83 Gb Total Space | 28,73 Gb Free Space | 58,83% Space Free | Partition Type: NTFS Drive F: | 97,66 Gb Total Space | 66,80 Gb Free Space | 68,39% Space Free | Partition Type: NTFS Drive G: | 140,74 Gb Total Space | 23,43 Gb Free Space | 16,65% Space Free | Partition Type: NTFS Computer Name: MICHALSZCZERBA | User Name: Michał Szczerba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-299502267-1390067357-1801674531-1003\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "E:\Program Files\Gadu-Gadu\gg.exe" = E:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (sms-express.com) "E:\Program Files\Skype\Plugin Manager\skypePM.exe" = E:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = E:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "E:\Program Files\Skype\Phone\Skype.exe" = E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{80280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage - Beta "{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom WLAN "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9E325417-AE9C-4EE1-A158-13DF451A5987}" = Broadcom Gigabit Integrated Controller "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B826A754-101B-4575-B39D-C1216EC5686B}" = Nitro Pro 7 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F4933D9F-89CC-4CA9-B5B0-CF32968890C7}" = BookScan&Whiteboard Suite "{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition "{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "avast" = avast! Free Antivirus "Baldur's Gate2" = Baldur's Gate II - Cienie Amn "CNXT_AUDIO_HDA" = Conexant HD Audio "ExpressBurn" = Express Burn "ExpressRip" = Express Rip "Gadu-Gadu" = Gadu-Gadu 6.1 "HDMI" = Intel(R) Graphics Media Accelerator Driver "iConfig" = iConfig "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox 23.0.1 (x86 pl)" = Mozilla Firefox 23.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NCH Toolbar" = NCH Toolbar "S500" = Icon7 S500 Wireless Laser Mouse for Notebooks "Universal Document Converter_is1" = Universal Document Converter (Demo) "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Winamp3" = Winamp3 (remove only) "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = WinRAR archiver "XP Codec Pack" = XP Codec Pack "Xvid_is1" = Xvid 1.1.3 final uninstall [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-09-10 18:29:51 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:29:51.562]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:30:26 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:30:26.109]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:31:00 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:31:00.640]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:31:35 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:31:35.156]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:32:09 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:32:09.671]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:32:44 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:32:44.171]: [00001460]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-10 18:38:30 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 00:38:30.937]: [00001864]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-11 10:36:21 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 16:36:21.562]: [00001728]: GetDeviceIpAddress: GetAddressByName [BRWCCAF780D0769] Error Error - 2013-09-11 10:50:28 | Computer Name = MICHALSZCZERBA | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2013/09/11 16:50:28.921]: [00001728]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.244] Error - 2013-09-11 15:00:52 | Computer Name = MICHALSZCZERBA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca FRST.exe, wersja 3.3.8.1, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2013-09-11 14:38:26 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error - 2013-09-11 15:13:27 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2013-09-11 15:13:27 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7031 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-09-11 15:13:29 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7031 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-09-11 15:13:36 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error - 2013-09-11 15:44:16 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2013-09-11 15:44:16 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7031 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-09-11 15:44:17 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7031 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2013-09-11 15:44:24 | Computer Name = MICHALSZCZERBA | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error - 2013-09-11 15:45:10 | Computer Name = MICHALSZCZERBA | Source = iaStor | ID = 262153 Description = Urządzenie \Device\Ide\iaStor0 nie odpowiedziało w ramach ustalonego limitu czasu. < End of report >