OTL Extras logfile created on: 2011-05-16 08:39:13 - Run 8 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Orange Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 35,71 Gb Total Space | 6,16 Gb Free Space | 17,25% Space Free | Partition Type: NTFS Drive D: | 63,47 Gb Total Space | 56,47 Gb Free Space | 88,97% Space Free | Partition Type: FAT32 Computer Name: ORANGE-PC | User Name: Orange | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-708403866-112902873-2606369930-1000\SOFTWARE\Classes\] .html [@ = htmlfile] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04B459FD-9D9C-46B6-B519-72082B14A86B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{0F57AEF1-4348-4C34-B05E-3007821F5182}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{BF507142-F5A1-41CF-808B-CEA604BA7BE1}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | "{FDF6C04B-40E1-431B-9328-7098EE1B39C0}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | "TCP Query User{2A922DED-ECC6-481B-BAE2-9EE5453EDC7E}D:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=d:\program files\nowe gadu-gadu\gg.exe | "TCP Query User{5752C22A-9C48-4B41-85B3-2EDB7495F2F5}D:\program files\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=d:\program files\gadu-gadu\gg.exe | "TCP Query User{78D980DB-E0E4-4972-9B78-9ADD21AC6A1B}D:\program files\emule\emule.exe" = protocol=6 | dir=in | app=d:\program files\emule\emule.exe | "TCP Query User{8D37026A-8C9A-485F-ADC5-4673D75B67FD}D:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\program files\gadu-gadu 10\gg.exe | "TCP Query User{9F379D50-4ECA-44E8-B2A0-A460399FB92D}D:\program files\ares\ares.exe" = protocol=6 | dir=in | app=d:\program files\ares\ares.exe | "TCP Query User{AC820E1D-98E8-44CD-955D-C40AADD7651F}D:\program files\avalon\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=d:\program files\avalon\gadu-gadu\gg.exe | "TCP Query User{F05CEBAB-9855-4632-BCD4-E26F1E2A3C55}C:\program files\trans\trans.exe" = protocol=6 | dir=in | app=c:\program files\trans\trans.exe | "TCP Query User{FA5AEB68-737F-45DF-B57D-0CFD02FCEE18}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{083D39B6-0F89-41BB-A749-2F9BCEEA284E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{48976C15-C2EF-4FFB-9DBF-9B09A3CEE6D1}D:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\program files\gadu-gadu 10\gg.exe | "UDP Query User{59D2B447-3D49-4EBA-9197-CE69C2C20A5E}D:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=d:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{5D086AA8-0C56-40B1-8EA6-C64F5E69DCFB}D:\program files\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=d:\program files\gadu-gadu\gg.exe | "UDP Query User{9E359417-AC04-44FE-B4DB-5EF9DA28C499}D:\program files\ares\ares.exe" = protocol=17 | dir=in | app=d:\program files\ares\ares.exe | "UDP Query User{9F40CD3F-B760-4D07-B7EC-C463C4212299}D:\program files\avalon\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=d:\program files\avalon\gadu-gadu\gg.exe | "UDP Query User{AF49F32B-986A-4444-8345-C426059B4B85}C:\program files\trans\trans.exe" = protocol=17 | dir=in | app=c:\program files\trans\trans.exe | "UDP Query User{B968BBFD-0632-4795-9D5D-1B0BFE964CC0}D:\program files\emule\emule.exe" = protocol=17 | dir=in | app=d:\program files\emule\emule.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0446A460-E8E8-4387-9D1F-4BE9C9824F7B}" = Microsoft Antimalware Service PL-PL Language Pack "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0 "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 24 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module "{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client PL-PL Language Pack "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1) "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100 "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{BEWINTERNET-PL-IEW}.UninstallSuite" = Usuwanie Orange Free "{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86) "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Narzedzie do diagnostyki modemu "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced Video FX Engine" = Advanced Video FX Engine "Ares" = Ares 2.1.4 "Broadcom 802.11b Network Adapter" = Karta Dell Wireless WLAN "CCleaner" = CCleaner (remove only) "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem "Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011) "Dell Webcam Center" = Dell Webcam Center "Dell Webcam Manager" = Dell Webcam Manager "Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up "KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full) "LockHunter_is1" = LockHunter version 1.0 beta 3, 32 bit edition "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "PhotoFiltre" = PhotoFiltre "ProInst" = Oprogramowanie Intel(R) PROSet/Wireless "RealAlt_is1" = Real Alternative 1.9.0 "SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >