OTL Extras logfile created on: 2010-12-27 15:18:25 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Install Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 528,00 Mb Available Physical Memory | 52,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): G:\pagefile.sys 2000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58,59 Gb Total Space | 1,30 Gb Free Space | 2,22% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 0,07 Gb Free Space | 0,15% Space Free | Partition Type: NTFS Drive G: | 4,37 Gb Total Space | 1,52 Gb Free Space | 34,85% Space Free | Partition Type: NTFS Computer Name: ROUTIER | User Name: pawel&asia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDBrowse] -- C:\Program Files\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ Core -- File not found "C:\Program Files\EA GAMES\Battlefield 2\BF2.exe" = C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- () "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found "C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found "C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found "C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{238ABEB6-42D2-4DD7-9928-DE8431519C61}" = RadLinker "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5265664F-6128-405C-9225-9782A85954FD}" = Plustek USB Scanner "{58E653BE-BD68-4D68-BB2E-3AE1B925AAD0}" = Labtec WebCam "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{639555DF-952A-4161-97F6-AB9807E421D7}" = UFO Aftershock "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Audigy "{91477C6F-EC7C-4BFC-BBE1-E45908019DED}" = LightScribe 1.4.52.1 "{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup "{AC76BA86-7AD7-1045-7B44-A70500000002}" = Adobe Reader 7.0.5 - Polish "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster for Battlefield Vietnam "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM) "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{FF35F637-72B9-43BE-A281-06EB2854393A}" = 3DMark03 "AC3Filter" = AC3Filter (remove only) "ACDSee Classic" = ACDSee Classic "Active WebCam" = Active WebCam "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "AVG9Uninstall" = AVG Free 9.0 "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18 "DirectX Uninstaller v.12" = DirectX Uninstaller v.12 "DivX Setup.divx.com" = DivX Setup "ffdshow" = ffdshow (remove only) "Gadu-Gadu" = Gadu-Gadu 6.1 "GSpot" = GSpot Codec Information Appliance "Infantry Mod" = Infantry Mod 1.21 "IrfanView" = IrfanView (remove only) "Kaspersky Online Scanner" = Kaspersky Online Scanner "LabtecDrv" = Camera Driver "Macromedia Shockwave Player" = Macromedia Shockwave Player "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "mIRC" = mIRC "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MultiRes (remove only)" = MultiRes (remove only) "NeroMultiInstaller!UninstallKey" = Nero Suite "Picasa 3" = Picasa 3 "QuickTime" = QuickTime "Radeon Omega Drivers for Windows 2k-XPv2.5.44" = Radeon Omega Drivers v2.5.44 Setup Files "Radeon Omega Drivers for Windows 2k-XPv2.5.76" = Radeon Omega Drivers v2.5.76 Setup Files "Radeon Omega Drivers for Windows 2k-XPv2.5.90 Beta" = Radeon Omega Drivers v2.5.90 Beta Setup Files "Radeon Omega Drivers for Windows 2k-XPv2.6.05a" = Radeon Omega Drivers v2.6.05a Setup Files "Radeon Omega Drivers for Windows 2k-XPv2.6.12" = Radeon Omega Drivers v2.6.12 Setup Files "Radeon Omega Drivers for Windows 2k-XPv2.6.25a" = Radeon Omega Drivers v2.6.25a Setup Files "RealPlayer 12.0" = RealPlayer "RTPatch_is1" = RTPatch Update "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SHOUTcastDSP" = SHOUTcast Source DSP 1.8.2 (remove only) "SkanerOnline" = Skaner on-line mks_vir "Sprint & FineReader 5.0 Office Try&Buy" = Sprint & FineReader 5.0 Office Try&Buy "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Web Picture Creator" = Web Picture Creator 1.50 "Winamp" = Winamp (remove only) "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XviD_is1" = XviD MPEG-4 Video Codec [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-73586283-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Puzzle Pirates" = Puzzle Pirates [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2009-01-10 10:24:59 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca Skype.exe, wersja 3.2.0.158, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-01-11 02:58:17 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-01-11 11:31:22 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-01-15 18:52:35 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WINWORD.EXE, wersja 9.0.0.2823, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-01-27 10:53:18 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-01-31 16:04:23 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca iexplore.exe, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-02-04 11:42:01 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca Picasa2.exe, wersja 2.7.37.36, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-02-10 10:15:15 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WINWORD.EXE, wersja 9.0.0.2823, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-02-18 16:19:21 | Computer Name = ROUTIER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avgui.exe, wersja 8.0.0.174, moduł powodujący błąd avgui.exe, wersja 8.0.0.174, adres błędu 0x0003e919. Error - 2009-02-24 11:01:21 | Computer Name = ROUTIER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WINWORD.EXE, wersja 9.0.0.2823, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. < End of report >