OTL Extras logfile created on: 2012-04-27 21:17:09 - Run 4 OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\GOSIA\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,01% Memory free 4,24 Gb Paging File | 2,83 Gb Available in Paging File | 66,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 73,44 Gb Free Space | 63,07% Space Free | Partition Type: NTFS Drive D: | 106,68 Gb Total Space | 77,77 Gb Free Space | 72,90% Space Free | Partition Type: NTFS Computer Name: GOSIA-PC | User Name: GOSIA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{009BDEBF-A6D5-4688-B837-813EAA5C7A4D}" = lport=2869 | protocol=6 | dir=in | app=system | "{042B0598-64B5-4623-B88F-575C2123F8E6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{19D7B123-F855-4BDB-AFE9-303C37A67130}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{21160BC3-89B5-443D-953E-AF13332D271A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{260EEC8C-75FB-44F4-9CE0-DFE40B0009E7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{29874AE0-FEE4-4F02-A5A7-C92F8306B7CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{48D8B70D-9E24-46B9-BA14-7FF35CF84709}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{69146AD8-0A18-457A-A153-C80EA6CDE83C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6D754052-9732-48E5-82A2-465248C9B36C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{706C250D-4E85-43A4-B64C-270B332064F8}" = rport=10243 | protocol=6 | dir=out | app=system | "{89D210DB-252A-4148-842B-F68F27C7347A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B8337BC5-77E8-454E-86EC-5565CA4A5811}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C4791EE6-1FC4-4B97-9F65-D9C6B07AD624}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CE6809F4-ECCB-40E0-BFB4-0656C7BFA3B6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D23D51EC-E1F5-4A67-A3FA-AE547C6E9957}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{DBC8AA60-78B9-48CF-8AB8-C65F06218144}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{E9004228-E2B5-4668-8EA8-DF3E7FFC1E30}" = lport=10243 | protocol=6 | dir=in | app=system | "{EC5F25BB-01D2-4C1E-A07B-ABA5225BA522}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F8A55DC2-C73B-429D-97B6-72CC9C48DD99}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0326108F-1FB7-4C5E-87D8-6B025DB9A7FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0D7F90DC-B4E8-4957-AB01-8A8CFA39AC54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1EDE27EA-847D-4DC1-BE5A-7FBFC6CCCB1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{27B58B7A-CCCB-4FF0-9F42-A30D321E3C29}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2882B6C2-7DB6-4914-AA7C-05FD931F412A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{33736424-4580-4112-8534-A64DB0D6D6F2}" = dir=in | app=c:\users\gosia\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{366CA510-33F9-4521-8347-13B4D570DB00}" = protocol=6 | dir=in | app=c:\program files\windows mail\winmail.exe | "{499C84CA-9D4A-463F-B140-BD26FEE6A645}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4B2581B9-5B54-4E29-94BB-F4B374A37ABC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4CADC1EE-75A0-4D68-B895-A9265FA980BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4E18F466-2DA6-42A8-B358-25F3A7E4300B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{69006F6A-8194-4B98-A161-4371AEF50A12}" = protocol=6 | dir=in | app=c:\program files\windows live\mail\wlmail.exe | "{728A609E-CE8B-4DB6-A192-F5674C403D29}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{73A92EE1-4FB4-4459-ACCC-ACB7747A8A06}" = protocol=6 | dir=out | app=system | "{789CA0C8-11AA-44DB-B1F3-79F6B62A0944}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7CBE3B0B-5EDE-4AD9-95BD-092B3BDB4EFD}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{7DD146A0-74A1-4F84-8DB4-F449D5C22AC1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{A4620C97-9372-4156-B21E-E3AE2C8079D8}" = protocol=17 | dir=in | app=c:\program files\windows mail\winmail.exe | "{A466E324-43D9-49A1-A285-F0854A37D18C}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{B055DDC8-3E44-4970-8E97-1FD1557F9200}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{B867009A-1800-4FB6-9F4E-DCACD01293F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CBE63F77-638C-4D7A-8E30-6B5B04AC0A0C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{D6D35C26-4CE9-450E-8782-8C755200E4EE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{DA18D5AC-9478-4396-B920-D3958B4E51AF}" = protocol=17 | dir=in | app=c:\program files\windows live\mail\wlmail.exe | "{DC52BB30-2729-4BB7-8906-F20324B6DC82}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{E2541006-58B3-4F11-817E-2273F7F1385D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E57E99EC-FAEF-4A0F-9E8C-7316C89BEE44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FC0A33CE-E96A-4C93-884C-4919F001DB51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{263CA89C-6F59-40A1-8CE2-C048F9BE4C09}D:\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\winamp\winamp.exe | "TCP Query User{4358D13E-6015-468D-A9B2-E12BEB72E61D}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "TCP Query User{5DABA869-71BA-4982-93F5-03A1531F5A16}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{21C3EA7B-369F-496F-997A-021952D49C68}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{502B2F4D-22DF-47E4-BC1F-07BCA7522C05}D:\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\winamp\winamp.exe | "UDP Query User{C24605E2-8B1D-4FFC-93C9-01174FFFEB5C}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SpeedFan" = SpeedFan (remove only) "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >