OTL Extras logfile created on: 2013-01-09 18:20:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop 64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 59,61% Memory free 3,40 Gb Paging File | 2,63 Gb Available in Paging File | 77,32% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,42 Gb Total Space | 72,13 Gb Free Space | 67,15% Space Free | Partition Type: NTFS Drive D: | 107,42 Gb Total Space | 25,54 Gb Free Space | 23,78% Space Free | Partition Type: NTFS Drive E: | 18,03 Gb Total Space | 7,10 Gb Free Space | 39,35% Space Free | Partition Type: NTFS Computer Name: FENIKS-2DF12EC8 | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1 .ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1 .url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l .js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1 .vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %* .wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 [color=#E56717]========== System Restore Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files (x86)\Skype\Phone\Skype.exe" = C:\Program Files (x86)\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files (x86)\Valve\Steam\SteamApps\xguardianx975\counter-strike\hl.exe" = C:\Program Files (x86)\Valve\Steam\SteamApps\xguardianx975\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files (x86)\Skype\Phone\Skype.exe" = C:\Program Files (x86)\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files (x86)\Valve\Steam\SteamApps\xguardianx975\counter-strike\hl.exe" = C:\Program Files (x86)\Valve\Steam\SteamApps\xguardianx975\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security "CCleaner" = CCleaner "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NVIDIA Drivers" = NVIDIA Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "WIC" = Windows Imaging Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM) "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = Babylon Chrome Toolbar "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "ALL YouTube Downloader_is1" = ALL YouTube Downloader "ALLPlayer_is1" = ALLPlayer V5.X "CABAL Online: Saint's Requiem Client_is1" = CABAL Online - Saint's Requiem Client "ElfBot NG_is1" = ElfBot NG 4.5.9 "Google Chrome" = Google Chrome "IVONA - syntezator mowy, wersja rehabilitacyjna" = IVONA - syntezator mowy, wersja rehabilitacyjna "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.5.5 "Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Revo Uninstaller" = Revo Uninstaller 1.94 "Steam App 42910" = Magicka "Steam App 550" = Left 4 Dead 2 "Tibia Testserver_is1" = Tibia Testserver "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "uTorrent" = µTorrent "WinRAR archiver" = WinRAR 4.20 (32-bit) [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-02 12:03:35 | Computer Name = FENIKS-2DF12EC8 | Source = MsiInstaller | ID = 1023 Description = Error - 2013-01-04 11:51:09 | Computer Name = FENIKS-2DF12EC8 | Source = Application Error | ID = 1000 Description = Faulting application league of legends.exe, version 1.0.0.152, faulting module league of legends.exe, version 1.0.0.152, fault address 0x004a553a. Error - 2013-01-09 08:51:45 | Computer Name = FENIKS-2DF12EC8 | Source = Application Error | ID = 1000 Description = Faulting application lollauncher.exe, version 0.0.0.0, faulting module lollauncher.exe, version 0.0.0.0, fault address 0x00076012. Error - 2013-01-09 12:48:26 | Computer Name = FENIKS-2DF12EC8 | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 2013-01-09 12:48:26 | Computer Name = FENIKS-2DF12EC8 | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown [ System Events ] Error - 2013-01-09 13:04:04 | Computer Name = FENIKS-2DF12EC8 | Source = nv | ID = 11141134 Description = Error - 2013-01-09 13:14:58 | Computer Name = FENIKS-2DF12EC8 | Source = Service Control Manager | ID = 7031 Description = The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error - 2013-01-09 13:16:14 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be found and Last Error was The referenced assembly is not installed on your system. Error - 2013-01-09 13:16:14 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls. Reference error message: The referenced assembly is not installed on your system. . Error - 2013-01-09 13:16:14 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe. Reference error message: The referenced assembly is not installed on your system. . Error - 2013-01-09 13:16:18 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be found and Last Error was The referenced assembly is not installed on your system. Error - 2013-01-09 13:16:18 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls. Reference error message: The referenced assembly is not installed on your system. . Error - 2013-01-09 13:16:18 | Computer Name = FENIKS-2DF12EC8 | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe. Reference error message: The referenced assembly is not installed on your system. . Error - 2013-01-09 13:16:28 | Computer Name = FENIKS-2DF12EC8 | Source = nv | ID = 11141134 Description = Error - 2013-01-09 13:16:28 | Computer Name = FENIKS-2DF12EC8 | Source = nv | ID = 11141134 Description = < End of report >