OTL Extras logfile created on: 2012-08-02 10:58:35 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 446,10 Mb Total Physical Memory | 287,00 Mb Available Physical Memory | 64,33% Memory free 1,03 Gb Paging File | 0,96 Gb Available in Paging File | 93,45% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 53,21 Gb Total Space | 40,32 Gb Free Space | 75,78% Space Free | Partition Type: NTFS Drive D: | 53,69 Gb Total Space | 3,18 Gb Free Space | 5,93% Space Free | Partition Type: FAT32 Computer Name: X-AEA4F17AD09A4 | User Name: xp | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1177238915-220523388-682003330-1003\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "F:\Z C\Portable\Opera1010usb\opera.exe" = F:\Z C\Portable\Opera1010usb\opera.exe:*:Enabled:Opera Internet Browser "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Kreator transferu plików i ustawień -- (Microsoft Corporation) "C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Kookos\kookos.exe" = C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Kookos\kookos.exe:*:Disabled:kookos -- () "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare "C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan "{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy "{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant "{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228 "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext "{3947442A-1409-45fc-A885-FB1CF937675D}" = 1400 "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software "{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update "{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations "{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{79B05AF4-8894-49A1-9FF4-53F0142D85E1}" = ATI Catalyst Control Center "{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc "{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{A07BAED2-DA9A-436A-83F1-80BA23FA9E4B}" = 1400_Help "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{AC76BA86-7AD7-1045-7B44-A70000000000}" = Adobe Reader 7.0 - Polish "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director "{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg "{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer "{DE66E6E1-BFBC-4586-A03C-686598F4CA3C}" = 1400Trb "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "Adibu Tajemnice ludzkiego ciała_is1" = Adibu Tajemnice ludzkiego ciała "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "Foxit Reader" = Foxit Reader "Gadu-Gadu 10" = Gadu-Gadu 10 "HP Photo & Imaging" = HP Image Zone 4.7 "HPExtendedCapabilities" = HP Extended Capabilities 4.7 "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nero 7 Lite_is1" = Nero 7 Lite 7.9.6.0 "qt7lite_is1" = QT Lite 3.2.2 "RealAlt_is1" = Real Alternative 2.0.2 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Trucks & Trailers" = Trucks & Trailers 1.00 "Wincore MediaBar" = Wincore MediaBar "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-05-17 12:44:38 | Computer Name = X-AEA4F17AD09A4 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca explorer.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2012-05-21 14:30:11 | Computer Name = X-AEA4F17AD09A4 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 12.0.0.4493, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2012-05-29 10:30:48 | Computer Name = X-AEA4F17AD09A4 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 12.0.0.4493, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2012-06-09 10:37:00 | Computer Name = X-AEA4F17AD09A4 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca BearShare.exe, wersja 10.0.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2012-06-22 12:59:49 | Computer Name = X-AEA4F17AD09A4 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 12.0.0.4493, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2012-08-01 07:39:15 | Computer Name = X-AEA4F17AD09A4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd kookos.exe, wersja 0.0.0.0, moduł powodujący błąd kookos.exe, wersja 0.0.0.0, adres błędu 0x000223cd. Error - 2012-08-01 16:30:15 | Computer Name = X-AEA4F17AD09A4 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2012-08-02 01:22:14 | Computer Name = X-AEA4F17AD09A4 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2012-08-02 01:22:51 | Computer Name = X-AEA4F17AD09A4 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2012-08-02 01:24:38 | Computer Name = X-AEA4F17AD09A4 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd kookos.exe, wersja 0.0.0.0, moduł powodujący błąd kookos.exe, wersja 0.0.0.0, adres błędu 0x000223cd. [ System Events ] Error - 2012-08-02 01:23:47 | Computer Name = X-AEA4F17AD09A4 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu następującego błędu: %%1053 Error - 2012-08-02 04:54:30 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-08-02 04:55:35 | Computer Name = X-AEA4F17AD09A4 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: avgio avipbb Fips Processor ssmdrv Error - 2012-08-02 04:55:41 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:55:52 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:55:58 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:57:31 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:57:53 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:58:06 | Computer Name = X-AEA4F17AD09A4 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-02 04:59:10 | Computer Name = X-AEA4F17AD09A4 | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.122 dla karty sieciowej o adresie 0016CF9C2A4D został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). < End of report >