OTL Extras logfile created on: 6/13/2011 9:41:43 PM - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Jakub\My Documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.10 Mb Total Physical Memory | 197.07 Mb Available Physical Memory | 44.18% Memory free 1.03 Gb Paging File | 0.86 Gb Available in Paging File | 83.05% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 10.00 Gb Total Space | 1.10 Gb Free Space | 11.04% Space Free | Partition Type: NTFS Drive D: | 25.00 Gb Total Space | 0.42 Gb Free Space | 1.68% Space Free | Partition Type: NTFS Drive E: | 20.88 Gb Total Space | 0.86 Gb Free Space | 4.11% Space Free | Partition Type: NTFS Computer Name: KUBA | User Name: Jakub | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\BlueByte\The Settlers IV\Exe\S4_Main.exe" = C:\BlueByte\The Settlers IV\Exe\S4_Main.exe:*:Enabled:S4_Main -- (Blue Byte Software, Inc.) "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "E:\Gry\AOE2\empires2.exe" = E:\Gry\AOE2\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation) "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation) "E:\Gry\Heroes III\Heroes3.exe" = E:\Gry\Heroes III\Heroes3.exe:*:Enabled:Heroes of Might and Magic® III (CDP) -- (The 3DO Company) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25 "{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B743AA0-53B2-11D2-808A-00600895FB43}" = Heroes of Might and Magic III - Z³ota Edycja "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{93B74693-1FC5-F3DC-01C5-7527BC185F0C}" = e-Deklaracje Desktop "{9C538746-C2DC-40FC-B1FB-D4EA7966ABEB}" = Skype™ 5.1 "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.4 - Polish "{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet NIC Driver "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Age of Empires 2.0" = Microsoft Age of Empires II "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729) "Diagram Designer" = Diagram Designer "e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop "EPSON SX210 Series" = EPSON SX210 Series Printer Uninstall "FastImageResizer" = FastImageResizer (remove only) "ffdshow_is1" = ffdshow v1.1.3631 [2010-11-15] "Google Chrome" = Google Chrome "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool "ipla" = ipla 2.2.1 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Pizza Connection II" = Pizza Connection II "RealAlt_is1" = Real Alternative 1.9.0 Lite "S4Uninst" = The Settlers IV "SWOS-Total Pack" = SWOS-Total Pack "Tibia_is1" = Tibia "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.9 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.00 (32-bitowy) "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 3/29/2011 5:45:21 PM | Computer Name = KUBA | Source = Application Hang | ID = 1002 Description = Hanging application subedit.exe, version 1.0.0.4072, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 3/31/2011 8:03:47 AM | Computer Name = KUBA | Source = Application Hang | ID = 1002 Description = Hanging application gg.exe, version 8.0.0.10102, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/1/2011 8:05:45 AM | Computer Name = KUBA | Source = Application Hang | ID = 1002 Description = Hanging application gg.exe, version 8.0.0.10102, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/1/2011 1:30:51 PM | Computer Name = KUBA | Source = Application Error | ID = 1000 Description = Faulting application jaucheck.exe, version 2.0.2.4, faulting module jaucheck.exe, version 2.0.2.4, fault address 0x0000c940. Error - 4/4/2011 11:14:54 AM | Computer Name = KUBA | Source = Application Error | ID = 1000 Description = Faulting application skype.exe, version 5.1.32.104, faulting module mshtml.dll, version 6.0.2900.6058, fault address 0x00072505. [ System Events ] Error - 6/12/2011 1:36:57 PM | Computer Name = KUBA | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.1.41 on the Network Card with network address 0016E3832C4C. Error - 6/12/2011 6:31:33 PM | Computer Name = KUBA | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.41 for the Network Card with network address 0016E3832C4C has been denied by the DHCP server 10.59.1.1 (The DHCP Server sent a DHCPNACK message). Error - 6/12/2011 6:36:46 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:36:57 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:41:26 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The DNS Client service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:41:30 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:41:30 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:41:34 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7031 Description = The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. Error - 6/12/2011 6:48:12 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s). Error - 6/12/2011 6:48:38 PM | Computer Name = KUBA | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). < End of report >