OTL Extras logfile created on: 2011-03-29 21:40:36 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Paweł\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 66,90 Gb Free Space | 89,05% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 187,93 Gb Free Space | 96,22% Space Free | Partition Type: NTFS Drive E: | 195,32 Gb Total Space | 123,89 Gb Free Space | 63,43% Space Free | Partition Type: NTFS Computer Name: DOM-816EF0AE209 | User Name: Paweł | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\EA Sports\FIFA 11\Game\fifa.exe" = D:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 -- (Electronic Arts) "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Disabled:mIRC -- (mIRC Co. Ltd.) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Documents and Settings\Paweł\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\Paweł\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe:*:Disabled:GameRanger "C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Disabled:Steam -- (Valve Corporation) "C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Disabled:Nero Home -- (Nero AG) "C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\MU\Ultimate\Launcher.exe" = C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\MU\Ultimate\Launcher.exe:*:Disabled:ST anticheat launcher "C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\almighty\Almighty MuOnline\Launcher.exe" = C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\almighty\Almighty MuOnline\Launcher.exe:*:Disabled:ST anticheat launcher "C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.) "C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\teamspeak3-server_win32\ts3server_win32.exe" = C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\teamspeak3-server_win32\ts3server_win32.exe:*:Disabled:TeamSpeak 3 Server "C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\totalcmd\TOTALCMD.EXE" = C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit -- (Ghisler Software GmbH) "C:\Program Files\CODBO\BlackOps.exe" = C:\Program Files\CODBO\BlackOps.exe:*:Disabled:BlackOps "C:\Program Files\EslWire\wire.exe" = C:\Program Files\EslWire\wire.exe:*:Enabled:ESL Wire Client "C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\ewac\EslWire\wire.exe" = C:\Documents and Settings\Paweł\Moje dokumenty\Downloads\ewac\EslWire\wire.exe:*:Disabled:ESL Wire Gaming Client "E:\Program Files\CODBO\BlackOps.exe" = E:\Program Files\CODBO\BlackOps.exe:*:Enabled:BlackOps "C:\Program Files\Steam\steamapps\aye_r\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\aye_r\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{716BAE33-442B-4003-A4C5-2B1C31321045}" = Nero 8 Essentials "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver 11.0 Rel .3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C538746-C2DC-40FC-B1FB-D4EA7966ABEB}" = Skype™ 5.1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ArcaniA" = ArcaniA - Gothic 4 "avast5" = avast! Free Antivirus "Creative VF0220" = Creative Live! Cam Video IM Driver (1.01.01.00) "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "ESL Wire_is1" = ESL Wire 1.9.4 "EXPERTool_is1" = EXPERTool 7.5 "Fraps" = Fraps "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "KozacyEB_is1" = Kozacy - Europejskie boje "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "mIRC" = mIRC "NVIDIA Drivers" = NVIDIA Drivers "Opera 11.01.1190" = Opera 11.01 "Totalcmd" = Total Commander (Remove or Repair) "Veetle TV" = Veetle TV 0.9.18 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1202660629-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-26 14:03:13 | Computer Name = DOM-816EF0AE209 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00042b49. Error - 2011-01-26 14:03:18 | Computer Name = DOM-816EF0AE209 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd drwtsn32.exe, wersja 5.1.2600.0, moduł powodujący błąd dbghelp.dll, wersja 5.1.2600.5512, adres błędu 0x0001295d. Error - 2011-01-27 18:11:49 | Computer Name = DOM-816EF0AE209 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd skype.exe, wersja 5.1.32.104, moduł powodujący błąd skype.exe, wersja 5.1.32.104, adres błędu 0x0016bbc2. Error - 2011-02-01 05:49:34 | Computer Name = DOM-816EF0AE209 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd dogfighter.exe, wersja 0.0.0.0, moduł powodujący błąd dogfighter.exe, wersja 0.0.0.0, adres błędu 0x00023b59. [ System Events ] Error - 2011-03-29 09:44:53 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183 Error - 2011-03-29 12:18:52 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183 Error - 2011-03-29 15:13:35 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:13:35 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa GEST Service for program management. niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:13:35 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:13:35 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa NMIndexingService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:19:32 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:19:32 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa GEST Service for program management. niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:19:32 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-29 15:19:32 | Computer Name = DOM-816EF0AE209 | Source = Service Control Manager | ID = 7034 Description = Usługa NMIndexingService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >