OTL Extras logfile created on: 10/3/2012 11:41:26 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Dodatek Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.29 Gb Total Space | 13.98 Gb Free Space | 47.74% Space Free | Partition Type: NTFS Drive D: | 41.01 Gb Total Space | 27.76 Gb Free Space | 67.68% Space Free | Partition Type: NTFS Drive E: | 41.47 Gb Total Space | 22.17 Gb Free Space | 53.45% Space Free | Partition Type: NTFS Drive X: | 7.46 Gb Total Space | 7.17 Gb Free Space | 96.08% Space Free | Partition Type: FAT32 Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SrService] "Start" = 4 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "D:\chrome-win32\utorrent.exe" = D:\chrome-win32\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Documents and Settings\admin\Dane aplikacji\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Dane aplikacji\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "E:\tor\wtw\wtw.exe" = E:\tor\wtw\wtw.exe:*:Enabled:WTW Instant Messenger -- (K2T.eu, Kaworu) "C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper "C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.9.10.3377 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26918E50-6EDC-4A59-A31E-E9C1EF06F1BC}_is1" = Batch XLSX to XLS Converter 2010 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers "{45F80C55-3EBB-41C6-8451-C0DAEF4FA9E0}" = OpenOffice.ux.pl 3.2 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{554CF7BC-8E42-4819-9EB9-5F7F4F9BB324}" = GlobeTrotter Connect "{5931AB91-A151-4684-B6DE-6BC7AB7C1455}" = Phoenix Service Software "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit "{6A9EFE28-8906-4B8D-9122-3D089642EE87}" = Myst Masterpiece Edition "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime "{93ACEEA6-F5E8-4C6B-90F0-FB9F8131CBD4}" = REALTEK RTL8187 Wireless LAN Driver "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J125 "{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "0852D05415AB9A4F1EF451E342267F76C776ED2F" = Pakiet sterowników systemu Windows - Nokia Modem (11/03/2006 6.82.0.1) "0AAD16715A341564716CE9901E2911A02B1EB808" = Pakiet sterowników systemu Windows - AnyDATA Corporated (adusbser) Modem (09/21/2006 2.0.3.2) "0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "5513-1208-7298-9440" = JDownloader 0.9 "5C49EB77B7315FA2E925C43BA449BB322C4D9418" = Pakiet sterowników systemu Windows - AnyDATA Corporation (adusbser) Ports (09/21/2006 2.0.3.2) "7-Zip" = 7-Zip 4.55 beta "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AnyToISO_is1" = AnyToISO "Audacity_is1" = Audacity 1.2.6 "BearPaw 2400CU Plus v1.8" = BearPaw 2400CU Plus v1.8 "Bejeweled 3" = Bejeweled 3 "CANONBJ_Deinstall_CNMCP50.DLL" = Canon i250 "Convert PowerPoint_is1" = Convert PowerPoint "Crush'Em 2.0" = Crush'Em 2.0 "Easy Wireless Net" = Easy Wireless Net V3.240.06 "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "eTeacher 5_is1" = eTeacher 5 "Fotosizer" = Fotosizer 1.26 "Foxit Reader" = Foxit Reader "GPG4Win" = Gpg4win (2.1.0) "ImgBurn" = ImgBurn "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime "IrfanView" = IrfanView (remove only) "KeyBoardWindow_is1" = KeyBoardWindow 1.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Standard) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 15.0.1 (x86 pl)" = Mozilla Firefox 15.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "Nokia PC Suite" = Nokia PC Suite "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "OmegaT 2.3.0_08_is1" = OmegaT version 2.3.0_08 "OpenTTD" = OpenTTD 1.2.1 "Opera 12.02.1578" = Opera 12.02 "Orange Mobile Partner" = Orange Mobile Partner "Peggle" = Peggle (remove only) "Phoenix Service Software 2009.34.14.40684_is1" = Phoenix Service Software 2009.34.14.40684 v3 "PIT Format 2011_is1" = PIT Format 2011 "Pity 2009_is1" = Pity 2009 "PITy 2011_is1" = PITy 2011 "Pity Format 2010_is1" = Pity Format 2010 "PLAY ONLINE" = PLAY ONLINE "Puzzl'Em1.0Beta2" = Puzzl'Em 1.0 Beta2 "RealAlt_is1" = Real Alternative 1.52 "SMSERIAL" = Motorola SM56 Data Fax Modem "Softonic" = Softonic toolbar on IE "UltraISO_is1" = UltraISO Premium V9.53 "uTorrent" = µTorrent "uTorrentBar Toolbar" = uTorrentBar Toolbar "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Password Recovery Tool Standard Demo" = Windows Password Recovery Tool Standard Demo "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "GG" = GG < End of report >