Skocz do zawartości


Zdjęcie

Logi - Znikający plik

Rozpoczęty przez Jezierski , 12 05 2010 22:41

  • Zamknięty Temat jest zamknięty
6 odpowiedzi w tym temacie

#1 Jezierski

Jezierski

    Nie truć na gg.

  • 351 postów

Napisano 12 05 2010 - 22:41

Moim problemem od wczoraj jest pewnien znikający plik. Pobrałem cso z neta, było zapakowane win rarem, po rozpakowaniu mam kilka plików, w tym 1 .exe > niestety po 2-3 sek znika on i go nia ma :E mam ustawione pokazywanie ukrytych folderów, możliwe że problem leży po stronie antywirusa który takowego pliku nie chce dopuścić - mam McAfee niestety po dosc długim sprawdzaniu nie znalazłem tam nic w rodzaju kwarantanny...
wklejam log z HijackThis - byc może ktos cos znajdzie: 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:43:51, on 2010-05-12

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal



Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\WinFast\WFDTV\DTVSchdl.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\EXPERTool\TBPANEL.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\JezieR\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe

C:\Windows\system32\wuauclt.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100428154657.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A

O4 - HKCU\..\Run: [Google Update] "C:\Users\JezieR\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix: 

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - D:\Programy\Sync\FreeAgentService.exe

O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe



--

End of file - 8746 bytes


// masch - zycie , zdarza sie :E

Użytkownik Jezierski edytował ten post 12 05 2010 - 23:55
Jeszcze raz napiszesz temat w złym dziale a skończysz w siatce

  • 0

#2 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 13 05 2010 - 12:10

W dzisiejszych czasach Hijack to tylko bezużyteczna zabawka.
Preferowany jest log z OTL >/otl-t35212/
Choć nie bardzo wiem, po co log? Przecież to raczej nie wyjaśni znikania pliku.
Można by było tylko ustalić, czy taki plik w ogóle był, bo w logu OTL byłoby go widać (chyba?)
.

Użytkownik ordynat edytował ten post 13 05 2010 - 12:10

  • 0

#3 Jezierski

Jezierski

    Nie truć na gg.

  • 351 postów

Napisano 13 05 2010 - 15:44

wkleiłem log bo gdzies na necie podobny problem rozwiązało "zfiksowanie" niektórych logów.

wklejam ten z OTL : 


OTL logfile created on: 2010-05-13 15:42:13 - Run 1OTL by OldTimer - Version 3.2.4.1     Folder = D:\Download\POBRANEWindows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstationInternet Explorer (Version = 7.0.6002.18005)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 46,82 Gb Total Space | 18,62 Gb Free Space | 39,78% Space Free | Partition Type: NTFSDrive D: | 651,82 Gb Total Space | 171,02 Gb Free Space | 26,24% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: JEZIER-PCCurrent User Name: JezieRLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-05-13 15:41:52 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Download\POBRANE\OTL.exePRC - [2010-04-26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exePRC - [2010-04-14 12:29:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exePRC - [2010-04-14 12:29:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exePRC - [2010-04-01 23:05:04 | 001,180,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exePRC - [2010-03-18 10:01:20 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\JezieR\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exePRC - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exePRC - [2010-01-05 18:04:02 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exePRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exePRC - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exePRC - [2009-10-05 19:03:28 | 002,174,976 | ---- | M] (Gainward Co.) -- C:\Program Files\EXPERTool\TBPANEL.exePRC - [2009-07-17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exePRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exePRC - [2009-01-23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exePRC - [2009-01-16 16:31:58 | 000,161,064 | ---- | M] (Seagate Technology LLC) -- D:\Programy\Sync\FreeAgentService.exePRC - [2007-11-16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exePRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe  ========== Modules (SafeList) ========== MOD - [2010-05-13 15:41:52 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Download\POBRANE\OTL.exeMOD - [2009-04-10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dllMOD - [2009-01-23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dllMOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx  ========== Win32 Services (SafeList) ========== SRV - [2010-05-08 00:06:06 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [2010-04-14 12:29:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)SRV - [2010-04-14 12:29:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)SRV - [2010-03-10 11:16:56 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)SRV - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)SRV - [2010-01-05 18:04:02 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)SRV - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)SRV - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)SRV - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)SRV - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)SRV - [2009-12-14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)SRV - [2009-07-17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)SRV - [2009-01-23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)SRV - [2009-01-16 16:31:58 | 000,161,064 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- D:\Programy\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV - [2007-05-31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)SRV - [2007-05-31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)SRV - [2006-06-05 15:22:34 | 001,129,000 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe -- (SandraTheSrv)SRV - [2006-06-05 15:18:30 | 000,117,288 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe -- (SandraDataSrv)SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)  ========== Driver Services (SafeList) ========== DRV - [2010-04-17 23:41:54 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)DRV - [2010-04-14 12:29:58 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)DRV - [2010-04-14 12:29:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)DRV - [2010-04-14 12:29:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)DRV - [2010-04-14 12:29:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)DRV - [2010-04-14 12:29:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)DRV - [2010-04-14 12:29:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)DRV - [2010-04-14 12:29:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)DRV - [2010-04-14 12:29:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)DRV - [2010-04-14 12:29:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)DRV - [2009-11-28 23:49:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)DRV - [2009-11-28 23:49:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)DRV - [2009-08-04 18:56:26 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)DRV - [2009-04-10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)DRV - [2008-12-25 00:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)DRV - [2008-05-16 20:31:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)DRV - [2008-01-21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)DRV - [2008-01-21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)DRV - [2008-01-21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)DRV - [2008-01-21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)DRV - [2008-01-21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)DRV - [2008-01-21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)DRV - [2008-01-21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)DRV - [2008-01-21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)DRV - [2008-01-21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)DRV - [2008-01-21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)DRV - [2008-01-21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)DRV - [2008-01-21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)DRV - [2008-01-21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)DRV - [2008-01-21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)DRV - [2008-01-21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)DRV - [2008-01-21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)DRV - [2008-01-21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)DRV - [2008-01-21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)DRV - [2008-01-21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)DRV - [2008-01-21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)DRV - [2008-01-21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)DRV - [2008-01-21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)DRV - [2008-01-21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)DRV - [2008-01-21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)DRV - [2007-12-15 18:38:46 | 000,014,672 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Download\POBRANE\setfsb_2_2_134_98\WinRing0.sys -- (WinRing0_1_0_1)DRV - [2007-11-06 09:06:48 | 000,131,672 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)DRV - [2007-11-06 09:06:48 | 000,032,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex)DRV - [2006-11-10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\ATITool.sys -- (ATITool)DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)DRV - [2005-10-10 10:24:24 | 000,019,416 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\sandra.sys -- (SANDRA)DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\PQNTDRV.sys -- (PQNTDrv)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}"FF - prefs.js..browser.search.selectedEngine: "free-downloads.net Customized Web Search"FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1098640&SearchSource=13"FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.0FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723FF - prefs.js..extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0 FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010-03-03 00:21:59 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-12-24 21:27:52 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-28 15:46:57 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-26 16:30:57 | 000,000,000 | ---D | M] [2009-10-16 00:46:53 | 000,000,000 | ---D | M] -- C:\Users\JezieR\AppData\Roaming\Mozilla\Extensions[2010-05-12 23:52:35 | 000,000,000 | ---D | M] -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions[2009-10-16 20:30:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}[2010-01-26 22:17:20 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}[2010-04-17 23:45:26 | 000,000,000 | ---D | M] (free-downloads.net Toolbar) -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}[2010-01-26 19:51:14 | 000,000,000 | ---D | M] -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions\firebug@software.joehewitt.com[2010-01-27 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\extensions\staged-xpis[2010-01-20 12:16:28 | 000,000,939 | ---- | M] () -- C:\Users\JezieR\AppData\Roaming\Mozilla\Firefox\Profiles\vckpysma.default\searchplugins\conduit.xml[2009-12-18 15:45:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions[2010-04-14 12:29:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll[2009-10-14 23:51:28 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll[2009-08-24 21:19:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml[2009-08-24 21:19:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml[2009-08-24 21:19:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml[2009-08-24 21:19:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml[2009-08-24 21:19:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml[2009-08-24 21:19:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-04-23 16:05:10 | 000,000,990 | ---- | M]) - C:\Windows\System32\drivers\etc\hostsO1 - Hosts: 127.0.0.1       localhostO1 - Hosts: ::1             localhostO1 - Hosts: 127.0.0.1       static3.cdn.ubi.comO1 - Hosts: 127.0.0.1       ubisoft-orbit.s3.amazonaws.comO1 - Hosts: 127.0.0.1       onlineconfigservice.ubi.comO1 - Hosts: 127.0.0.1       orbitservice.ubi.comO1 - Hosts: 127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.comO1 - Hosts: O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100428154657.dll (McAfee, Inc.)O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)O4 - HKCU..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O13 - gopher Prefix: missingO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O24 - Desktop WallPaper: C:\Users\JezieR\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpgO24 - Desktop BackupWallPaper: C:\Users\JezieR\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpgO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-12-28 01:38:22 | 000,000,026 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]O33 - MountPoints2\{18e21256-a05e-11de-abe6-00219b0151e9}\Shell\AutoRun\command - "" = E:\ph.exe -- File not foundO33 - MountPoints2\{18e21256-a05e-11de-abe6-00219b0151e9}\Shell\open\Command - "" = E:\ph.exe -- File not foundO33 - MountPoints2\{5e0d15eb-f2d6-11de-b391-00219b0151e9}\Shell - "" = AutoRunO33 - MountPoints2\{5e0d15eb-f2d6-11de-b391-00219b0151e9}\Shell\AutoRun\command - "" = K:\autorun.exe -- File not foundO33 - MountPoints2\{7fbc0ee1-affb-11de-b5bf-00219b0151e9}\Shell\AutoRun\command - "" = E:\wrsf.exe -- File not foundO33 - MountPoints2\{7fbc0ee1-affb-11de-b5bf-00219b0151e9}\Shell\open\Command - "" = E:\wrsf.exe -- File not foundO33 - MountPoints2\{7fbc0ee5-affb-11de-b5bf-00219b0151e9}\Shell\AutoRun\command - "" = K:\wrsf.exe -- File not foundO33 - MountPoints2\{7fbc0ee5-affb-11de-b5bf-00219b0151e9}\Shell\open\Command - "" = K:\wrsf.exe -- File not foundO33 - MountPoints2\{e78877f1-924b-11de-aae4-00219b0151e9}\Shell - "" = AutoRunO33 - MountPoints2\{e78877f1-924b-11de-aae4-00219b0151e9}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not foundO34 - HKLM BootExecute: (autocheck autochk *) -  File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not foundO37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010-05-12 22:10:07 | 000,000,000 | --SD | C] -- C:\ComboFix[2010-05-12 22:09:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe[2010-05-12 21:24:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2010-05-12 21:24:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2010-05-12 21:24:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2010-05-12 21:21:05 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CF1829.exe[2010-05-12 21:20:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT[2010-05-12 21:20:37 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CF1659.exe[2010-05-12 21:20:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swsc.exe[2010-05-12 21:20:15 | 000,000,000 | ---D | C] -- C:\Qoobox[2010-05-11 23:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent[2010-04-24 18:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Phonics, Inc[2010-04-24 18:00:16 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe[2010-04-23 16:05:17 | 000,000,000 | ---D | C] -- C:\Users\JezieR\Desktop\AC2 Emulator 0.44[2010-04-23 15:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft[2010-04-21 15:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe[2010-04-21 15:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\Free PDF to Word Doc Converter[2010-04-18 23:06:59 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys[2010-04-18 23:06:30 | 000,385,536 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys[2010-04-18 23:06:30 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys[2010-04-18 23:06:30 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys[2010-04-18 23:06:30 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys[2010-04-18 23:06:30 | 000,095,568 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys[2010-04-18 23:06:30 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys[2010-04-18 23:06:30 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys[2010-04-18 23:06:30 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys[2010-04-18 23:06:30 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys[2010-04-18 22:36:08 | 000,000,000 | ---D | C] -- C:\Users\JezieR\Documents\Native Instruments[2010-04-18 22:35:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D69A48BF-7653-4AA8-94BC-5847522A4573}[2010-04-18 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign[2010-04-18 22:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments[2010-04-18 22:34:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}[2010-04-18 22:34:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}[2010-04-18 22:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments[2010-04-18 22:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments[2010-04-17 23:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit[2010-04-17 23:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\free-downloads.net[2010-04-17 23:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft[2010-04-17 21:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight[2010-04-17 21:25:33 | 000,000,000 | ---D | C] -- C:\Users\JezieR\AppData\Roaming\ipla[2010-04-17 21:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla[2010-04-14 17:53:43 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe[2010-04-14 17:53:43 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe[2010-04-14 17:53:41 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll[2010-04-14 17:53:31 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm[2010-04-14 17:53:31 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ][1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-05-13 15:45:14 | 006,291,456 | -HS- | M] () -- C:\Users\JezieR\NTUSER.DAT[2010-05-13 15:39:56 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1700171713-3824331562-2899236527-1000UA.job[2010-05-13 15:39:56 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2010-05-13 15:39:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2010-05-13 14:29:09 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk[2010-05-13 14:20:48 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI[2010-05-13 14:20:48 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat[2010-05-13 14:20:48 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat[2010-05-13 14:15:03 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2010-05-13 14:14:30 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0[2010-05-13 14:14:30 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0[2010-05-13 14:14:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT[2010-05-13 00:42:02 | 000,524,288 | -HS- | M] () -- C:\Users\JezieR\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms[2010-05-13 00:42:02 | 000,065,536 | -HS- | M] () -- C:\Users\JezieR\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf[2010-05-13 00:41:44 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat[2010-05-13 00:41:31 | 002,830,116 | -H-- | M] () -- C:\Users\JezieR\AppData\Local\IconCache.db[2010-05-12 23:21:41 | 000,000,641 | ---- | M] () -- C:\Users\JezieR\Desktop\World of Warcraft.lnk[2010-05-12 22:49:41 | 000,000,780 | ---- | M] () -- C:\Users\JezieR\Desktop\HijackThis - Shortcut.lnk[2010-05-12 21:21:30 | 003,686,869 | R--- | M] () -- C:\Users\JezieR\Desktop\ComboFix.exe[2010-05-12 21:21:00 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CF1829.exe[2010-05-12 21:20:08 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CF1659.exe[2010-05-12 18:29:36 | 002,333,736 | ---- | M] () -- C:\Users\JezieR\P5111466.JPG[2010-05-12 18:29:13 | 002,851,360 | ---- | M] () -- C:\Users\JezieR\P5111456.JPG[2010-05-11 23:01:14 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk[2010-05-11 18:18:06 | 002,840,849 | ---- | M] () -- C:\Users\JezieR\P5111468.JPG[2010-05-11 18:17:32 | 003,296,361 | ---- | M] () -- C:\Users\JezieR\P5111467.JPG[2010-05-11 18:12:36 | 002,499,277 | ---- | M] () -- C:\Users\JezieR\P5111463.JPG[2010-05-11 18:11:14 | 003,520,044 | ---- | M] () -- C:\Users\JezieR\P5111462.JPG[2010-05-11 18:11:02 | 003,155,369 | ---- | M] () -- C:\Users\JezieR\P5111461.JPG[2010-05-11 18:06:50 | 002,950,571 | ---- | M] () -- C:\Users\JezieR\P5111460.JPG[2010-05-11 18:04:14 | 003,822,086 | ---- | M] () -- C:\Users\JezieR\P5111457.JPG[2010-05-09 16:40:45 | 000,029,696 | ---- | M] () -- C:\Users\JezieR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-05-05 16:52:00 | 000,015,561 | ---- | M] () -- C:\Users\JezieR\Desktop\JezieR.wpl[2010-04-30 12:40:06 | 000,584,267 | ---- | M] () -- C:\Users\JezieR\Desktop\dddd.xps[2010-04-30 12:22:37 | 000,379,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT[2010-04-29 19:38:32 | 000,002,257 | ---- | M] () -- C:\Users\JezieR\Desktop\Ventrilo.lnk[2010-04-26 17:15:22 | 000,017,227 | ---- | M] () -- C:\Users\JezieR\Desktop\fiZyka.docx[2010-04-26 16:30:58 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk[2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe[2010-04-24 18:01:06 | 000,001,082 | ---- | M] () -- C:\Users\JezieR\Desktop\AP Guitar Tuner 1.02.lnk[2010-04-23 16:05:50 | 000,000,491 | ---- | M] () -- C:\Users\JezieR\Desktop\Assassins Creed II.lnk[2010-04-23 16:05:10 | 000,000,990 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts[2010-04-21 15:00:31 | 000,000,862 | ---- | M] () -- C:\Users\JezieR\Desktop\Free PDF to Word Doc Converter.lnk[2010-04-18 22:35:46 | 000,000,589 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk[2010-04-17 23:59:02 | 000,000,110 | ---- | M] () -- C:\Users\JezieR\Documents\ax_files.xml[2010-04-17 23:45:12 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk[2010-04-17 23:41:54 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys[2010-04-17 21:25:32 | 000,000,458 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk[2010-04-14 12:29:58 | 000,385,536 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys[2010-04-14 12:29:58 | 000,312,616 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys[2010-04-14 12:29:58 | 000,160,720 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys[2010-04-14 12:29:58 | 000,152,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys[2010-04-14 12:29:58 | 000,095,568 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys[2010-04-14 12:29:58 | 000,083,496 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys[2010-04-14 12:29:58 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys[2010-04-14 12:29:58 | 000,055,456 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys[2010-04-14 12:29:58 | 000,051,688 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys[2010-04-14 12:29:58 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ][1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-05-13 14:29:09 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk[2010-05-12 22:49:41 | 000,000,780 | ---- | C] () -- C:\Users\JezieR\Desktop\HijackThis - Shortcut.lnk[2010-05-12 22:43:51 | 000,008,747 | ---- | C] () -- C:\Users\JezieR\hijackthis.log[2010-05-12 21:24:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe[2010-05-12 21:24:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2010-05-12 21:24:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2010-05-12 21:24:40 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe[2010-05-12 21:24:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2010-05-12 21:20:38 | 003,686,869 | R--- | C] () -- C:\Users\JezieR\Desktop\ComboFix.exe[2010-05-12 18:28:47 | 002,840,849 | ---- | C] () -- C:\Users\JezieR\P5111468.JPG[2010-05-12 18:28:43 | 003,296,361 | ---- | C] () -- C:\Users\JezieR\P5111467.JPG[2010-05-12 18:28:34 | 003,520,044 | ---- | C] () -- C:\Users\JezieR\P5111462.JPG[2010-05-12 18:28:34 | 003,155,369 | ---- | C] () -- C:\Users\JezieR\P5111461.JPG[2010-05-12 18:28:34 | 002,950,571 | ---- | C] () -- C:\Users\JezieR\P5111460.JPG[2010-05-12 18:28:34 | 002,499,277 | ---- | C] () -- C:\Users\JezieR\P5111463.JPG[2010-05-12 18:28:34 | 002,333,736 | ---- | C] () -- C:\Users\JezieR\P5111466.JPG[2010-05-12 18:28:33 | 003,822,086 | ---- | C] () -- C:\Users\JezieR\P5111457.JPG[2010-05-12 18:28:33 | 002,851,360 | ---- | C] () -- C:\Users\JezieR\P5111456.JPG[2010-05-11 23:01:14 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk[2010-04-30 12:40:04 | 000,584,267 | ---- | C] () -- C:\Users\JezieR\Desktop\dddd.xps[2010-04-24 18:01:06 | 000,001,082 | ---- | C] () -- C:\Users\JezieR\Desktop\AP Guitar Tuner 1.02.lnk[2010-04-23 16:05:50 | 000,000,491 | ---- | C] () -- C:\Users\JezieR\Desktop\Assassins Creed II.lnk[2010-04-21 15:23:24 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk[2010-04-21 15:00:31 | 000,000,862 | ---- | C] () -- C:\Users\JezieR\Desktop\Free PDF to Word Doc Converter.lnk[2010-04-18 22:35:46 | 000,000,589 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk[2010-04-17 23:50:15 | 000,000,110 | ---- | C] () -- C:\Users\JezieR\Documents\ax_files.xml[2010-04-17 23:45:12 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk[2010-04-17 21:25:32 | 000,000,458 | ---- | C] () -- C:\Users\Public\Desktop\ipla.lnk[2009-12-24 22:05:34 | 001,032,192 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll[2009-12-24 22:05:34 | 000,102,400 | ---- | C] () -- C:\Windows\System32\vorbisfile.dll[2009-12-24 22:05:33 | 001,253,376 | ---- | C] () -- C:\Windows\System32\vorbis.dll[2009-12-24 22:05:33 | 000,061,440 | ---- | C] () -- C:\Windows\System32\ogg.dll[2009-11-28 23:49:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys[2009-11-28 23:49:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat[2009-08-29 16:54:55 | 000,011,568 | ---- | C] () -- C:\Windows\System32\drivers\UimFIO.sys[2009-08-29 16:54:20 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll[2009-08-22 13:47:07 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll[2008-07-10 10:44:23 | 000,007,237 | ---- | C] () -- C:\Windows\cadx2.ini[2006-11-10 15:08:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:DFC5A2B2< End of report >

i "extras?" z otl : 

OTL Extras logfile created on: 2010-05-13 15:42:13 - Run 1OTL by OldTimer - Version 3.2.4.1     Folder = D:\Download\POBRANEWindows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstationInternet Explorer (Version = 7.0.6002.18005)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 46,82 Gb Total Space | 18,62 Gb Free Space | 39,78% Space Free | Partition Type: NTFSDrive D: | 651,82 Gb Total Space | 171,02 Gb Free Space | 26,24% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: JEZIER-PCCurrent User Name: JezieRLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Extra Registry (SafeList) ==========  ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].bat [@ = batfile] -- Reg Error: Key error. File not found.cmd [@ = cmdfile] -- Reg Error: Key error. File not found.com [@ = comfile] -- Reg Error: Key error. File not found.exe [@ = exefile] -- Reg Error: Key error. File not found.html [@ = ChromeHTML] -- C:\Users\JezieR\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.).pif [@ = piffile] -- Reg Error: Key error. File not found.vbs [@ = VBSFile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0"VistaSp1" = Reg Error: Unknown registry data type -- File not found"VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 0"DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]  ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{1064F38B-09F3-4398-B322-5CDE32AE2A55}" = lport=137 | protocol=17 | dir=in | app=system | "{142DAEF3-79B1-4C74-843E-966D4CAB5EBC}" = lport=138 | protocol=17 | dir=in | app=system | "{1898FEF6-E0BE-4F19-928B-72B08537B67B}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2C52A46E-67CC-4D32-8C48-2A96BAD6BC36}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{2C8BC412-46FF-48D2-9665-65C81F9B8C9E}" = rport=445 | protocol=6 | dir=out | app=system | "{2D7E4A42-05C2-4B27-8786-566BECC1B064}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{4A5F070B-03BF-40F0-992C-3C82C558F819}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4F1F5EBE-00C6-4C64-96E2-7753AC8E9586}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{70599B5C-724F-4CD9-837F-F8CDE43FF093}" = rport=138 | protocol=17 | dir=out | app=system | "{888A4B76-9FAC-4C15-95A8-519772E9347C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{8E468B55-48FD-4FB7-BECB-B3EF9B2612A3}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{95D15DA7-7911-499B-9797-1F62DBAEF267}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{9A83EA18-8B6E-47A7-AF53-5A37EB6CA1C9}" = lport=139 | protocol=6 | dir=in | app=system | "{B28E4312-F438-48F6-AC29-0C324088C27E}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{BFF78AA6-087B-4EEA-95FE-163C7B0170C6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{CD3297EE-5AFB-43D7-A399-D1B895802698}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{E49B9EB2-293D-4642-8784-D4E4A96C9085}" = lport=445 | protocol=6 | dir=in | app=system | "{EF8B3DCF-580E-4DAF-B06F-2492B6BA8D2E}" = rport=139 | protocol=6 | dir=out | app=system | "{F0F2F687-5F45-4A32-8FE9-8946A7AD6B4D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F3A04F85-4EF5-4601-83E3-2D5BA78567E0}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F529CA54-9FF9-4533-8221-272A0598DBD0}" = rport=137 | protocol=17 | dir=out | app=system | "{F99422DB-6B5C-45DA-AD8D-CF4ADF4C8748}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{FD82E13D-D349-4899-A384-0ACE75198358}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |  ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{000D8D0E-DA1D-4434-AC3E-9D14E04F2A10}" = protocol=17 | dir=in | app=d:\gry\uplaybrowser.exe | "{0452D641-241E-4A32-A34A-6578C3BE9C5D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{14449D1F-CF84-4FC2-993B-30A1A254D82B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{18111825-5D71-4061-97D8-E30BF7F5DA8E}" = protocol=17 | dir=in | app=d:\gry\valve\steam\steam.exe | "{18ABE2BF-7E76-4B39-9432-2519379E4A43}" = protocol=17 | dir=in | app=d:\gry\nn\nwn2main.exe | "{1AFD134F-C9B9-4ADA-B413-DD7E5EE4AD3D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1CEA4C53-DD44-465C-964A-98E524C3834C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1EDF40CA-69C9-4677-AED8-F3D51328C9A8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{20459225-4D85-45AD-A7D5-A42B35C02D94}" = protocol=6 | dir=in | app=d:\gry\nn\nwn2main.exe | "{2213C68B-27E1-4981-B7EB-BB56838B748D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{282D8134-1DA0-4DC9-A3DE-134D17EC27DC}" = protocol=17 | dir=in | app=d:\gry\res\re5dx10.exe | "{2D0AED2A-72FB-474A-986E-3E09FF1097E8}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{31D3A4B3-921D-4E68-99D6-47010F44B9EB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{34CB4605-B5C2-4BF5-81F0-9C30B5FBC822}" = protocol=17 | dir=in | app=d:\gry\assassinscreedii.exe | "{365D86FF-7D10-4130-95DF-69861247CB8E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3821ACCD-DA61-4F52-B6FF-1C964326E4FA}" = protocol=6 | dir=in | app=d:\gry\valve\steam\steam.exe | "{38297CBA-40B2-491F-A006-8B3F311DE38E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3EE72463-F73B-46DB-98AC-141176DAD9DF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{41CFE778-5BCD-4DAF-A104-3D8BDA582A3E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4739FC02-2846-4FAA-B802-1EF3D4D6C698}" = protocol=6 | dir=in | app=d:\gry\assassinscreediigame.exe | "{4FE747B8-1BC1-40DF-AC61-96E220BF061A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{50F99016-788A-4CEF-B3AA-4ED2E0E8289E}" = protocol=17 | dir=in | app=d:\gry\res\re5dx9.exe | "{5415C37D-9609-4BA4-AA8E-F0E23647B2F5}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{571C4943-45BC-43FB-B9DA-4AA886D5D6BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{57974870-3ABD-46DD-BD27-14850D5787F9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{58937BFC-CBD9-458C-9D0B-6C5A9B03EBBD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{5A92AB94-F52B-40A8-A82E-21CAE8EA7210}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{61B30292-3889-4C77-9901-6D680EC89679}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{61FECDCA-9F6A-4B7C-9A92-20401046CACA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{678CB033-54D8-4A83-807C-857CCD0D86DC}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{69A7D94B-FF43-4F8D-BDAF-A6281473D7CF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{6E8466C0-6019-4CDB-897B-7869782B8A5F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{81ED0C67-DB32-4671-9E2E-0F5E21491D01}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{8B8716B1-CBEB-4CAA-9557-84A4609635F9}" = protocol=17 | dir=in | app=d:\gry\nn\nwupdate.exe | "{9095BF55-1654-4F49-8D38-94167150E28C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{9A0C03F7-078D-4F47-AAD7-64A61E7FE03C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{9BE90B99-A04A-4E88-BFD8-A7911B7BFDF5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{9C6D16F1-E452-4667-B8EC-61711F38B7A4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A09F184C-04A3-4941-BC35-8D15F7F586FB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A221E07D-1499-4313-B4AB-59353C24575A}" = protocol=6 | dir=in | app=d:\gry\nn\nwn2server.exe | "{A2B71999-A322-4070-BD7F-0981BA6737A2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A3518299-0172-4545-A851-8F5CC1D7B75B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A4C8A41A-FFE3-4ECA-B27E-E9F64FF4223B}" = protocol=6 | dir=in | app=d:\gry\res\re5dx9.exe | "{A5E9891B-D9F5-45BB-B4E3-A0A599A8B914}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{B11CEEFE-0C10-4B71-9238-176108F5E8B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{B8A5BBF2-5CE9-4740-A851-56B1FB9D2021}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{BAA0829F-DECE-4FE6-AAAE-E92557278704}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{BDB38990-5EA2-47DF-9072-B400A8833150}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C0EC1A54-FA88-46BB-AAEA-A5911B68A1E1}" = protocol=17 | dir=in | app=d:\gry\assassinscreediigame.exe | "{C15F048F-4B95-4256-BAFA-2FB72390A3B7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C1BC2B5F-A720-4FEF-ACA3-E20A8C8C42A7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C5CB30E3-0523-40E2-96FB-1FD0F2198C8E}" = protocol=6 | dir=in | app=d:\gry\nn\nwn2main_amdxp.exe | "{C8FED21C-DEED-43EE-8B62-17C159D83B8F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{D9A39FCF-27F2-4B7D-AD17-C9E963ECF1FB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{DF0663EB-CE27-4B7A-BA06-FEC848A0B69F}" = protocol=6 | dir=in | app=d:\gry\nn\nwupdate.exe | "{E01871BB-14D1-4C03-ABA3-6D0D16EBEFA5}" = protocol=6 | dir=in | app=d:\gry\assassinscreedii.exe | "{E0E4CD98-BACD-4E20-941C-1892753AED9B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E2D7CB6D-3F6E-4617-BF26-C485709FE3DA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E4F0453B-FB6F-40C6-B237-DF0B9B92FD5C}" = protocol=17 | dir=in | app=d:\gry\valve\steam\steamapps\jezier_ski\counter-strike\hl.exe | "{E629D622-5DC7-4D0E-9A97-9108E19CC4A5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E8EAD481-51F6-4F0F-9F82-51852BFBE4E5}" = protocol=6 | dir=in | app=d:\gry\res\re5dx10.exe | "{EB5F6EA3-3055-4D07-883E-C88E2286FA21}" = protocol=6 | dir=in | app=d:\gry\valve\steam\steamapps\jezier_ski\counter-strike\hl.exe | "{EC27524E-9947-4B9E-BBDA-C5A97D32A320}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F2148726-A529-450F-8412-81DF45C24715}" = protocol=17 | dir=in | app=d:\gry\nn\nwn2server.exe | "{F42CFFD2-E798-400E-A5E7-489200431C36}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{F61CB64F-2339-49A1-899E-34A46BE4AB2D}" = protocol=6 | dir=in | app=d:\gry\uplaybrowser.exe | "{FC314CFC-9755-477D-9566-345DC0969CCA}" = protocol=17 | dir=in | app=d:\gry\nn\nwn2main_amdxp.exe | "TCP Query User{54F6EBB0-1692-438A-B56E-A22593EA892B}D:\gry\valve\steam\steamapps\jezier_ski\condition zero\hl.exe" = protocol=6 | dir=in | app=d:\gry\valve\steam\steamapps\jezier_ski\condition zero\hl.exe | "UDP Query User{F02D8254-A2A5-47D4-BB5D-8F3067188187}D:\gry\valve\steam\steamapps\jezier_ski\condition zero\hl.exe" = protocol=17 | dir=in | app=d:\gry\valve\steam\steamapps\jezier_ski\condition zero\hl.exe |  ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053"{6693E024-E2D3-477C-8EF9-4D484F3B3071}" = Seagate Manager Installer"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)"{90120000-0017-0415-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Polish) 2007"{90120000-0017-0415-0000-0000000FF1CE}_SharePointDesigner_{A740A405-DDE4-461F-AC66-6C79E81C87BE}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-001F-0415-0000-0000000FF1CE}_SharePointDesigner_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-006E-0415-0000-0000000FF1CE}_SharePointDesigner_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE"{A35001F0-F1E4-11DD-A38B-005056C00008}" = Paragon Partition Manager™ 9.5 Professional"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage"{C716522C-3731-4667-8579-40B098294500}" = Toolbox"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional Trial"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{D155D300-C235-44FC-981C-F7B34683439C}" = Paragon Drive Backup 8.51 Professional Trial"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem  (10/05/2009 4.2)"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)"7-Zip" = 7-Zip 4.65"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem  (06/01/2009 7.01.0.4)"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1"AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02"ATITool" = ATITool Overclocking Utility"Counter-Strike 1.6_is1" = Counter-Strike 1.6"DAEMON Tools Toolbar" = DAEMON Tools Toolbar"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters"Driver Cleaner" = Driver Cleaner 3"Driver Updater Pro" = Driver Updater Pro"DriverAgent.exe" = DriverAgent by eSupport.com"Elasto Mania" = Elasto Mania"enable Tuner" = enable Tuner 4.0"ENTERPRISE" = Microsoft Office Enterprise 2007"EXPERTool_is1" = EXPERTool 7.6"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1"free-downloads.net Toolbar" = free-downloads.net Toolbar"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker"Guitar Pro 5_is1" = Guitar Pro 5.2"HijackThis" = HijackThis 2.0.2"HP Imaging Device Functions" = HP Imaging Device Functions 8.0"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0"HPExtendedCapabilities" = HP Customer Parti[beeep]tion Program 8.0"HPOCR" = HP OCR Software 8.0"InstallShield_{6693E024-E2D3-477C-8EF9-4D484F3B3071}" = Seagate Manager Installer"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo"ipla" = ipla 2.1.0"IrfanView" = IrfanView (remove only)"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"MoorHunt_is1" = MoorHunt 0.6.3.0"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)"MSC" = McAfee AntiVirus Plus"Native Instruments Controller Editor" = Native Instruments Controller Editor"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4"Native Instruments Service Center" = Native Instruments Service Center"Nokia PC Suite" = Nokia PC Suite"NVIDIA Display Control Panel" = NVIDIA Display Control Panel"NVIDIA Drivers" = NVIDIA Drivers"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver"oggcodecs" = oggcodecs 0.71.0946"OpenAL" = OpenAL"Penumbra - Czarna Plaga_is1" = Penumbra - Czarna Plaga"Random Clock# Generator" = Random Clock# Generator"RealAlt_is1" = <a href="http://www.download.net.pl/107/Real-Alternative/">Real Alternative</a> 2.0.1"SharePointDesigner" = Microsoft Office SharePoint Designer 2007"SiSoftware Sandra Lite 2007_is1" = SiSoftware Sandra Lite 2007 (Win64/32/CE)"Steam App 18110" = Shattered Horizon"TeamSpeak 3 Client" = TeamSpeak 3 Client"TECHKAR_is1" = Karaoke for Fun - Polski MuzykoPak 80"uTorrent" = µTorrent"WinGimp-2.0_is1" = GIMP 2.6.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 2010-05-12 15:04:05 | Computer Name = JezieR-PC | Source = Application Error | ID = 1000Description = Faulting application WoW.exe, version 1.8.0.4735, time stamp 0x4345f398, faulting module DivxDecoder.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception code 0xc0000135, fault offset 0x00009eed,  process id 0x570, application start time 0x01caf205e121117f. Error - 2010-05-12 15:24:45 | Computer Name = JezieR-PC | Source = System Restore | ID = 8193Description =  Error - 2010-05-12 15:25:34 | Computer Name = JezieR-PC | Source = WinMgmt | ID = 10Description =  Error - 2010-05-12 17:21:38 | Computer Name = JezieR-PC | Source = Application Hang | ID = 1002Description = The program Wow.exe version 3.2.2.10505 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.  Process ID: 17b8  Start Time: 01caf212dc5ede41  Termination Time: 950 Error - 2010-05-12 18:36:34 | Computer Name = JezieR-PC | Source = System Restore | ID = 8193Description =  Error - 2010-05-12 18:36:40 | Computer Name = JezieR-PC | Source = System Restore | ID = 8193Description =  Error - 2010-05-12 18:37:11 | Computer Name = JezieR-PC | Source = Windows Search Service | ID = 3006Description =  Error - 2010-05-12 18:37:11 | Computer Name = JezieR-PC | Source = Windows Search Service | ID = 3007Description =  Error - 2010-05-12 18:37:41 | Computer Name = JezieR-PC | Source = System Restore | ID = 8193Description =  Error - 2010-05-13 08:15:53 | Computer Name = JezieR-PC | Source = WinMgmt | ID = 10Description =  [ System Events ]Error - 2010-01-19 20:20:38 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7011Description =  Error - 2010-01-19 20:21:09 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7011Description =  Error - 2010-01-19 20:47:27 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7011Description =  Error - 2010-01-20 06:03:09 | Computer Name = JezieR-PC | Source = Dhcp | ID = 1002Description = The IP address lease 192.168.2.3 for the Network Card with network address 00219B0151E9 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). Error - 2010-01-20 06:14:47 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7009Description =  Error - 2010-01-20 06:14:47 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7000Description =  Error - 2010-01-21 05:50:21 | Computer Name = JezieR-PC | Source = Dhcp | ID = 1002Description = The IP address lease 192.168.2.2 for the Network Card with network address 00219B0151E9 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). Error - 2010-01-21 17:36:49 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7009Description =  Error - 2010-01-21 17:36:49 | Computer Name = JezieR-PC | Source = Service Control Manager | ID = 7000Description =  Error - 2010-01-22 05:22:23 | Computer Name = JezieR-PC | Source = Dhcp | ID = 1002Description = The IP address lease 192.168.2.2 for the Network Card with network address 00219B0151E9 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).  < End of report >

niewiem czy tylko ja nie mam takiej opcji jak spoiler albo cos takiego ? :E bo w tej chwili kółeczko mychy wymieka...

// jest codebox / mac

Użytkownik Macsch15 edytował ten post 13 05 2010 - 15:49

  • 0

#4 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 13 05 2010 - 17:50

Niestety, logi niczego nie wyjaśniły: nie widać w nich tego pliku.

C:\Windows\System32\swsc.exe

Sprawdź go na --> JOTTI/ albo na VIRUSTOTAL.

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

:OTL
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O33 - MountPoints2\{18e21256-a05e-11de-abe6-00219b0151e9}\Shell\AutoRun\command - "" = E:\ph.exe -- File not found
O33 - MountPoints2\{18e21256-a05e-11de-abe6-00219b0151e9}\Shell\open\Command - "" = E:\ph.exe -- File not found
O33 - MountPoints2\{7fbc0ee1-affb-11de-b5bf-00219b0151e9}\Shell\AutoRun\command - "" = E:\wrsf.exe -- File not found
O33 - MountPoints2\{7fbc0ee1-affb-11de-b5bf-00219b0151e9}\Shell\open\Command - "" = E:\wrsf.exe -- File not found
O33 - MountPoints2\{7fbc0ee5-affb-11de-b5bf-00219b0151e9}\Shell\AutoRun\command - "" = K:\wrsf.exe -- File not found
O33 - MountPoints2\{7fbc0ee5-affb-11de-b5bf-00219b0151e9}\Shell\open\Command - "" = K:\wrsf.exe -- File not found
[2010-05-12 21:20:15 | 000,000,000 | ---D | C] -- C:\Qoobox

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[resethosts]
[Reboot]

Kliknij w Run Fix.

.
  • 0

#5 Jezierski

Jezierski

    Nie truć na gg.

  • 351 postów

Napisano 13 05 2010 - 23:34

no "sfiksowałem" to co napisałes, niestety nie pomogło : / podejrzewam mimo wszystko że to wina antywirusa ale pojęcia nie mam jak tam znaleźć kwarantanne...
  • 0

#6 Jochnka

Jochnka

    Selfie

  • 356 postów

Napisano 14 05 2010 - 14:36

Aktualizowany antywirus? jaka wersja?
  • 0

#7 Jezierski

Jezierski

    Nie truć na gg.

  • 351 postów

Napisano 14 05 2010 - 15:40

tak, był on ostatnio zaktualizowany ale to nie ma raczej nic do rzeczy- kiedyś miałem ten problem, a że nie było to nic ważnego to odpuściłem - nie chciało mi sie truć z tym :E

  • 0
Wróć do Bezpieczeństwo (wirusy i trojany)


Użytkownicy przeglądający ten temat: 0

0 użytkowników, 0 gości, 0 anonimowych

  1. Forum Komputerowe Tweaks.pl
  2. Oprogramowanie
  3. Bezpieczeństwo (wirusy i trojany)
  4. Polityka prywatności
  5. Szukaj
  6. Regulamin Forum ·