OTL Extras logfile created on: 2011-07-15 14:39:56 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\kwiatka.m\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 446,23 Mb Total Physical Memory | 144,14 Mb Available Physical Memory | 32,30% Memory free 1,03 Gb Paging File | 0,52 Gb Available in Paging File | 50,53% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,77 Gb Total Space | 0,65 Gb Free Space | 6,67% Space Free | Partition Type: NTFS Drive D: | 46,12 Gb Total Space | 31,20 Gb Free Space | 67,65% Space Free | Partition Type: NTFS Computer Name: KRZE-3517B410AA | User Name: kwiatka.m | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG) "F:\Programy\winbox.exe" = F:\Programy\winbox.exe:*:Enabled:winbox "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2011 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgam.exe" = C:\Program Files\AVG\AVG10\avgam.exe:*:Enabled:Menedżer alarmów systemu AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01161F64-6897-4885-93A0-A9F7BE9A4253}" = hp psc 1100 series "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panel sterowania ATI "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{66B6D13A-9CC1-417D-B6F2-58AA539D1045}" = Nero 7 Essentials "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{901C0415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime "{90260415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components "{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One "{AC76BA86-7AD7-1045-7B44-AA0000000001}" = Adobe Reader X - Polish "{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011 "{DC67641A-05C4-4FED-A462-1EB1DC6CF2F5}" = ArcSoft Software Suite "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "ALLPlayer_is1" = ALLPlayer V4.X "Ares" = Ares 2.1.6 "ATI Display Driver" = ATI Display Driver "AVG" = AVG 2011 "CCleaner" = CCleaner "CNXT_AUDIO" = Conexant AC-Link Audio "HP PSC 1100 Series" = HP Photo and Imaging 2.0 - hp psc 1100 series "RealAlt_is1" = Real Alternative 1.9.0 Lite "TomTom HOME" = TomTom HOME 2.8.2.2264 "Usbfix" = UsbFix By El Desaparecido & C_XX "Winamp" = Winamp [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-05-27 16:08:28 | Computer Name = KRZE-3517B410AA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.5730.13, moduł powodujący błąd mshtml.dll, wersja 7.0.5730.13, adres błędu 0x0008a64a. Error - 2011-05-31 15:56:51 | Computer Name = KRZE-3517B410AA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 7.0.5730.13, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-06-23 12:00:22 | Computer Name = KRZE-3517B410AA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.5730.13, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0efd8e9e. Error - 2011-06-23 12:53:09 | Computer Name = KRZE-3517B410AA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.5730.13, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0xff7a3f79. Error - 2011-06-27 14:08:43 | Computer Name = KRZE-3517B410AA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 7.0.5730.13, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-06-29 02:32:22 | Computer Name = KRZE-3517B410AA | Source = Userenv | ID = 1068 Description = System Windows zakończył przetwarzanie obiektu GPO, ponieważ komputer został zamknięty lub użytkownik wylogował się. Error - 2011-06-29 16:00:39 | Computer Name = KRZE-3517B410AA | Source = TomTomHOMEService | ID = 10000 Description = Error - 2011-06-29 16:09:20 | Computer Name = KRZE-3517B410AA | Source = TomTomHOMEService | ID = 10000 Description = Error - 2011-07-06 15:35:51 | Computer Name = KRZE-3517B410AA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.5730.13, moduł powodujący błąd msvcr90.dll, wersja 9.0.30729.4148, adres błędu 0x0003ae7a. Error - 2011-07-14 09:07:36 | Computer Name = KRZE-3517B410AA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca UsbFix.exe, wersja 3.3.6.1, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2011-07-06 13:40:07 | Computer Name = KRZE-3517B410AA | Source = DCOM | ID = 10010 Description = Serwer {601AC3DC-786A-4EB0-BF40-EE3521E70BFB} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2011-07-06 13:44:33 | Computer Name = KRZE-3517B410AA | Source = DCOM | ID = 10010 Description = Serwer {601AC3DC-786A-4EB0-BF40-EE3521E70BFB} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2011-07-06 14:52:06 | Computer Name = KRZE-3517B410AA | Source = Service Control Manager | ID = 7011 Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi avgwd. Error - 2011-07-11 09:55:03 | Computer Name = KRZE-3517B410AA | Source = PSched | ID = 14103 Description = QoS [Karta {8567823F-DAC2-419C-BDA9-3E5F546B7D9F}]: Sterownik karty sieciowej nie mógł wykonać kwerendy w poszukiwaniu OID_GEN_LINK_SPEED. Error - 2011-07-14 08:38:51 | Computer Name = KRZE-3517B410AA | Source = Service Control Manager | ID = 7034 Description = Usługa TomTomHOMEService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-07-14 08:38:51 | Computer Name = KRZE-3517B410AA | Source = Service Control Manager | ID = 7034 Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-07-14 08:38:51 | Computer Name = KRZE-3517B410AA | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2011-07-14 10:22:50 | Computer Name = KRZE-3517B410AA | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2011-07-14 10:44:21 | Computer Name = KRZE-3517B410AA | Source = System Error | ID = 1003 Description = Kod błędu 10000050, parametr 1 ffffefeb, parametr 2 00000000, parametr 3 ed174481, parametr 4 00000000. Error - 2011-07-15 08:30:07 | Computer Name = KRZE-3517B410AA | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.0.100 dla karty sieciowej o adresie 0016363EDDE0 został zabroniony przez serwer DHCP 192.168.0.1 (Serwer DHCP wysłał komunikat DHCPNACK). < End of report >