OTL Extras logfile created on: 2012-08-01 16:18:49 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = D:\wirus Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19222) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 79,99% Memory free 3,98 Gb Paging File | 3,75 Gb Available in Paging File | 94,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 148,89 Gb Total Space | 75,34 Gb Free Space | 50,60% Space Free | Partition Type: NTFS Drive D: | 3,74 Gb Total Space | 3,72 Gb Free Space | 99,44% Space Free | Partition Type: FAT32 Drive E: | 147,73 Gb Total Space | 142,43 Gb Free Space | 96,41% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BEATA-PC | User Name: Beata | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3227068295-528142160-4193481640-1000] "EnableNotifications" = 1 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3227068295-528142160-4193481640-1001] "EnableNotifications" = 1 "EnableNotificationsRef" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{40031B92-6F4C-4E8E-91FB-FD05A04FBA95}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6BAF3C5F-ECCC-4985-9D72-395E54832826}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8053B87B-BF69-4FA7-9D42-2D3E10878457}" = protocol=6 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | "{8A5F14FC-AA18-4A56-A13C-5A102AAC7B34}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{982C8F0C-3E15-4579-9B17-D1D9937AC254}" = protocol=17 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | "{B7F24105-18D9-4AFF-8B7F-EE0B14109F68}" = protocol=17 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | "{BABE03BC-6973-4884-B177-1BC96CD333C6}" = protocol=6 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | "TCP Query User{6D6D48C6-A443-4378-A475-1FC920261C08}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{8F23A93F-F393-42E8-AA7C-AA89154E944C}C:\program files\ea games\need for speed most wanted\speed.exe" = protocol=6 | dir=in | app=c:\program files\ea games\need for speed most wanted\speed.exe | "TCP Query User{B9A3FA4A-4EA2-4AD7-8453-5C323301EDF2}C:\program files\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\far cry\bin32\farcry.exe | "UDP Query User{46576F99-2034-43E6-98D2-0F5EA5FB079D}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{93147580-B11A-4457-9F65-4C49A526CFA9}C:\program files\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\far cry\bin32\farcry.exe | "UDP Query User{DF9FA551-CC4C-4CA7-8DCE-F7D393386FA0}C:\program files\ea games\need for speed most wanted\speed.exe" = protocol=17 | dir=in | app=c:\program files\ea games\need for speed most wanted\speed.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree "{10DFB03F-845F-4BC6-BE9E-7FEC377A0CD0}" = Podreczniki TOSHIBA "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17 "{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3A9C37A6-AD4C-443D-0098-6B0A1865DEE2}" = FIFA 06 "{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09 "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTA III "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2006 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Desert Storm" = Desert Storm "E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1) "F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3) "Far Cry" = Far Cry "Google Chrome" = Google Chrome "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 1.62 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 7.0.1 (x86 pl)" = Mozilla Firefox 7.0.1 (x86 pl) "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky "Super Sterownik_is1" = Super Sterownik "SynTPDeinstKey" = Synaptics Pointing Device Driver "The KMPlayer" = The KMPlayer (remove only) "TOSHIBA Software Modem" = TOSHIBA Software Modem "Winamp" = Winamp (remove only) "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-11 16:57:24 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-12 13:16:30 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-13 14:02:31 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-14 15:19:35 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-16 09:38:40 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 13:36:27 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 13:39:49 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-17 17:28:37 | Computer Name = Beata-PC | Source = Application Hang | ID = 1002 Description = Program iexplore.exe w wersji 8.0.6001.19222 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 3f4 Godzina rozpoczęcia: 01cd64430545c873 Godzina zakończenia: 9 Error - 2012-07-18 17:15:20 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-07-19 16:59:49 | Computer Name = Beata-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2012-08-01 10:16:46 | Computer Name = Beata-PC | Source = Service Control Manager | ID = 7001 Description = < End of report >