OTL Extras logfile created on: 2011-05-12 06:16:00 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kasia\Desktop Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18865) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 013,00 Mb Total Physical Memory | 309,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,77 Gb Total Space | 30,13 Gb Free Space | 43,18% Space Free | Partition Type: NTFS Drive D: | 69,52 Gb Total Space | 50,77 Gb Free Space | 73,04% Space Free | Partition Type: NTFS Computer Name: MX | User Name: Kasia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3047449453-2165917257-3169288533-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0DB8B970-C7D7-446C-A9BE-9375B81FC6F3}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{166F8EF9-CBCA-46B7-AD60-CDF631438CD5}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{5255BF21-3D0A-43F8-9493-17D7E79478BC}" = rport=2869 | protocol=6 | dir=out | app=system | "{53D74649-7FF1-41DC-B060-1327F88DFC14}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{857722F0-674A-4052-9602-41B9E4AE8DA4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9DDE28E4-3E78-40FB-BF0B-0FE3EEA2EB8C}" = lport=15517 | protocol=6 | dir=in | name=bitcomet 15517 tcp | "{A4BBABA5-B64D-4CF3-A89A-86E7D03A11F7}" = lport=2869 | protocol=6 | dir=in | app=system | "{B1B2B2BB-633E-4CEF-8DE9-E76337505DA5}" = lport=8461 | protocol=6 | dir=in | name=god high port | "{CC99BAB1-2E2F-4A2A-A748-6A79521C80AF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{E69DC735-5982-43E2-AECA-499DA62D1C54}" = lport=15517 | protocol=17 | dir=in | name=bitcomet 15517 udp | "{E813B617-171A-4205-83A6-8FF1A5EDA0DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FE5F167B-8606-4CF0-8D81-8A89BBA4882F}" = lport=8462 | protocol=6 | dir=in | name=god low port | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05F313F6-7552-4ECB-B504-EB7E6BA74E21}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{15E7B46B-FDB5-4891-94FB-F5BCB93C02CF}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{5B75EC7B-463F-4661-94C1-00B3959ABDA5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{6F9DDA2E-B512-4CEB-8126-76ECAF12352D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{8BADC7A3-E9F4-4AF9-A255-105EE10334F8}" = protocol=6 | dir=in | app=c:\users\kasia\desktop\flvplayersetup.exe | "{96BCCB71-CD8C-4625-86AE-9988E8748D9B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A0EAB5AB-E9A3-4637-8AF1-3A29F30EB720}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{A8A609EC-FBAC-467E-80BC-7C666281C276}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{AAD5BFCF-9AC5-4936-B569-F66422CDBBE2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{B113C293-F309-44C7-82EC-68B403CB8552}" = protocol=17 | dir=in | app=c:\users\kasia\desktop\flvplayersetup.exe | "{BEA45732-3077-4117-8F54-B7752837D511}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{2DAE1660-1AD6-4DD8-82DB-664639BDFE04}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | "TCP Query User{44CFE6FF-4122-47A1-8ABB-3BCFBF9D3024}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{87DF39D0-AB20-419E-9516-DFB6D2E149F4}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{CAD016DB-9D4D-4A00-A76D-34D3571E262B}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{0226A1D3-5838-4585-8D91-FECF6E26BE5A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{5562BD0E-4341-4A9A-9C76-817C7987093F}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | "UDP Query User{C02AC775-B301-402A-8E58-F141FE3964BF}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{C4BDD7B0-D4BA-44C1-B19D-1E4E6D894591}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 20 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros for Acer Driver v7.3.1.73_Foxconn Installation Program "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{554CF7BC-8E42-4819-9EB9-5F7F4F9BB324}" = GlobeTrotter Connect "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6 "{74B9977F-47FE-4C1A-8DA3-C65F17CF93DD}" = OpenOffice.org 3.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0 "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "BitComet" = BitComet 1.27 "CCleaner" = CCleaner "Collab" = Collab "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10 "CX4300_5500_DX4400 manual" = CX4300_5500_DX4400 manual "Gadu-Gadu 10" = Gadu-Gadu 10 "gry Toolbar" = gry Toolbar "HDMI" = Intel(R) Graphics Media Accelerator Driver "Icy Tower v1.4_is1" = Icy Tower v1.4 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full) "LManager" = Launch Manager "lvdrivers_12.10" = Pakiet sterowników: Logitech Webcam Software "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 4.0.1 (x86 pl)" = Mozilla Firefox 4.0.1 (x86 pl) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "Orbit_is1" = Orbit Downloader "Picasa 3" = Picasa 3 "RealAlt_is1" = Real Alternative 1.8.0 "Spider Player_is1" = Spider Player 2.4.2 "SubEdit-Player_is1" = SubEdit-Player "Theorica Divx ;-) Codecs" = Theorica Divx ;-) Codecs (remove only) "TNod" = TNod User & Password Finder "Toxic Biohazard" = Toxic Biohazard "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3047449453-2165917257-3169288533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-03-05 23:58:18 | Computer Name = MX | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2011-03-05 23:58:25 | Computer Name = MX | Source = WinMgmt | ID = 10 Description = Error - 2011-03-06 15:20:44 | Computer Name = MX | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2011-03-06 15:20:52 | Computer Name = MX | Source = WinMgmt | ID = 10 Description = Error - 2011-03-06 18:57:30 | Computer Name = MX | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2011-03-06 18:57:37 | Computer Name = MX | Source = WinMgmt | ID = 10 Description = Error - 2011-03-06 18:59:58 | Computer Name = MX | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2011-03-06 19:00:05 | Computer Name = MX | Source = WinMgmt | ID = 10 Description = Error - 2011-03-07 17:50:17 | Computer Name = MX | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 2011-03-07 17:50:25 | Computer Name = MX | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2011-05-11 22:50:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:00:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:10:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:20:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:30:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:40:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-11 23:50:32 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-12 00:09:18 | Computer Name = MX | Source = LSM | ID = 1050 Description = Error - 2011-05-12 00:09:23 | Computer Name = MX | Source = HTTP | ID = 15016 Description = Error - 2011-05-12 00:19:19 | Computer Name = MX | Source = LSM | ID = 1050 Description = < End of report >