OTL Extras logfile created on: 2012-08-13 19:57:14 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Download FireFox Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,05% Memory free 4,84 Gb Paging File | 4,51 Gb Available in Paging File | 93,11% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 319,26 Gb Total Space | 139,64 Gb Free Space | 43,74% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 39,11 Gb Free Space | 26,70% Space Free | Partition Type: NTFS Computer Name: PC | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE () .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE () .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE () [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 () inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 () jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" () vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [compress] -- C:\Program Files\KGB Archiver\kgb_arch_compress.exe "%1\" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0C9221F6-1EA9-4D92-892D-A5FEB3084A75}" = Need for Speed Undeground 2 "{14EDD5D8-9AC9-3D3C-A442-527A8209C918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6225 "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.7 "{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0 "{2042E020-A633-44CC-BD1D-9851A7C19365}" = Overwolf "{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer "{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2 "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.439 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX "{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{707333E0-C796-4E2D-B0DA-5A429706C361}_is1" = DDS Viewer "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed "{761443B6-AB01-4052-8683-12F1C5A5A5E5}" = Trust DS-3200 Wireless Optical Slimline Deskset "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = KMPlayer Toolbar "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DC50950F-9308-49FE-8B50-859EBB08B6F6}" = jetVideo Basic VX "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8116030-96CA-401C-BA85-50265E7C0A96}" = SlimDrivers "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer_is1" = ALLPlayer V5.X "ANNO1602" = Anno 1602 "AVG Secure Search" = AVG Security Toolbar "BabylonToolbar" = Babylon toolbar on IE "BitComet" = BitComet 1.31 "CABAL Online Update 583_is1" = CABAL Online Update 583 "CABAL Online: Saint's Requiem Client_is1" = CABAL Online - Saint's Requiem Client "Call of Juarez_R.G. Mechanics_is1" = Call of Juarez "Cheat Engine 6.1_is1" = Cheat Engine 6.1 "Counter-Strike: Source" = Counter-Strike: Source "Cygnus Hex Editor" = Cygnus Hex Editor 2.50 "DAEMON Tools Lite" = DAEMON Tools Lite "Driver Magician_is1" = Driver Magician 3.5 "Duke Nukem 3D_is1" = Duke Nukem 3D "Duke Nukem: Manhattan Project" = Duke Nukem: Manhattan Project "ESL Wire_is1" = ESL Wire 1.13 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Ęí˙çü ňüěű - Çîëîňîĺ čçäŕíčĺ_R.G._Element_Arts_is1" = Ęí˙çü ňüěű - Çîëîňîĺ čçäŕíčĺ "FarmingSimulator2011PL_is1" = Symulator Farmy 2011 "FileZilla Client" = FileZilla Client 3.5.3 "Ford Racing 2" = Ford Racing 2 "Fraps" = Fraps "Freecorder5.11" = Freecorder 5 "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Grand Theft Auto San Andreas_is1" = GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET "HashCheck Shell Extension" = HashCheck Shell Extension (x86-32) "Hexprobe_is1" = Hexprobe 4.31 "HotA_is1" = h3hota "Icy Tower v1.5_is1" = Icy Tower v1.5 "incredibar" = Incredibar Toolbar on IE "InstallShield_{761443B6-AB01-4052-8683-12F1C5A5A5E5}" = Trust DS-3200 Wireless Optical Slimline Deskset "InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "Joan of Arc" = Joan of Arc "KGB Archiver_is1" = KGB Archiver 1.2.1.24 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Metin2_is1" = Metin2 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "mIRC" = mIRC "Monopoly by Parker Brothers" = Monopoly by Parker Brothers "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "Need for Speed Undeground 2" = Need for Speed Undeground 2 "Notepad++" = Notepad++ "OpenAL" = OpenAL "PokerTH 0.9.5" = PokerTH "PremiumSoft Navicat 8.1 Lite for MySQL_is1" = PremiumSoft Navicat 8.1 Lite for MySQL "Proxifier_is1" = Proxifier version 3.15 "Ravia.eu" = Ravia.eu "Sacred Underworld_is1" = Sacred Underworld "Sacred_is1" = Sacred "Scarface PL_is1" = Scarface PL 1.0 "screenSHU" = screenSHU - the fastest screen capture ever. "Sir Henry's Anno 1602 InselEditor" = Sir Henry's Anno 1602 InselEditor "Skrzaty_is1" = Skrzaty "Sniper Ghost Warrior_is1" = Sniper Ghost Warrior "Steam App 10" = Counter-Strike "Steam App 240" = Counter-Strike: Source "TeamSpeak 3 Client" = TeamSpeak 3 Client "The KMPlayer" = The KMPlayer (remove only) "Unlocker" = Unlocker 1.9.1 "V9Software" = Deinstalator Strony V9 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "Winamp" = Winamp "WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.44-5 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "winscp3_is1" = WinSCP 4.3.6 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = KMPlayer Toolbar Updater "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-13 13:04:59 | Computer Name = PC | Source = EventSystem | ID = 4609 Description = Podczas wewnętrznego przetwarzania system zdarzeń modelu COM+ wykrył zły kod powrotu. HRESULT to 8007043C z w wierszu 44 z d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą [ System Events ] Error - 2012-08-13 13:25:24 | Computer Name = PC | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-13 13:26:55 | Computer Name = PC | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi StiSvc z argumentami „” w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 2012-08-13 13:33:39 | Computer Name = PC | Source = sfsync02 | ID = 262156 Description = Error - 2012-08-13 13:33:45 | Computer Name = PC | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-08-13 13:35:09 | Computer Name = PC | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Fips intelppm oreans32 Error - 2012-08-13 13:35:09 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1060 Error - 2012-08-13 13:44:37 | Computer Name = PC | Source = sfsync02 | ID = 262156 Description = Error - 2012-08-13 13:44:43 | Computer Name = PC | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2012-08-13 13:46:07 | Computer Name = PC | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Fips intelppm oreans32 Error - 2012-08-13 13:46:07 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1060 < End of report >