Kamil_Wu utworzono 6 lutego 2010 utworzono 6 lutego 2010 (edytowane) Witam Potrzebuję pomocy w dwóch sprawach. 1. Przy uruchamianiu komputera wyskakuje taki komunikat: Program c:windows\system32\rasman.dll nie jest przeznaczony do uruchamiania w systemie windows Nie mam pojęcia co się dzieje. Nic nie odinstalowywałem. Nic nie zmieniałem. Nie mogę nigdzie w necie znaleźć rozwiązania. Komputer muli, zwalnia i bez przerwy wyskakuje ten komunikat. 2. Chciałem zrobić kopię zapasową systemu, ale na koniec procesu wyskoczył komunikat o odmowie dostępu i kod 0x80070005 3. Nie działa mi przycisk Fn i podgłaszanie głośników. Nie wiem czy przyczyną nie jest brak tego pliku rasman.dll Aha. System Windows Vista. Będę wdzięczny za każdą pomoc
asmodeuszz komentarz 6 lutego 2010 komentarz 6 lutego 2010 Istnieje podejrzenie infekcji. Wrzuć log z OTL i przeniosę do działu Bezpieczeństwo.
Kamil_Wu komentarz 6 lutego 2010 Autor komentarz 6 lutego 2010 Który wynik z OTL mam wrzucić? Otworzyły mi się dwa tekstowe: extras o otl
Kamil_Wu komentarz 6 lutego 2010 Autor komentarz 6 lutego 2010 (edytowane) [log]OTL logfile created on: 2010-02-06 18:21:37 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Monika\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 72,09 Gb Total Space | 28,27 Gb Free Space | 39,21% Space Free | Partition Type: NTFS Drive D: | 116,00 Gb Total Space | 40,95 Gb Free Space | 35,31% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 100,00 Gb Total Space | 65,01 Gb Free Space | 65,01% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MONIKA-PC Current User Name: Monika Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-02-06 18:12:19 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe PRC - [2010-02-06 01:25:08 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Dwm.exe PRC - [2010-01-23 15:18:54 | 000,009,216 | ---- | M] (www.shadowexplorer.com) -- C:\Program Files\ShadowExplorer\sesvc.exe PRC - [2010-01-06 18:42:56 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-11-25 17:29:10 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2009-04-11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:58 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE PRC - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-10-20 21:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2008-07-22 15:33:50 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008-07-10 20:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-07-10 20:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:24:28 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe PRC - [2008-01-21 03:23:52 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2008-01-21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WLANExt.exe PRC - [2007-07-04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe PRC - [2006-10-05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006-04-14 02:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-02-06 18:12:19 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe MOD - [2010-01-02 07:38:04 | 001,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2010-01-02 07:32:33 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2010-01-02 07:32:32 | 011,070,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2009-11-25 17:30:28 | 000,171,552 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll MOD - [2009-10-08 22:08:01 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2009-10-01 02:02:17 | 002,537,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll MOD - [2009-09-24 23:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-04-11 07:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll MOD - [2009-04-11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:25:01 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 10:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-01-27 22:31:56 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\System32\msdtc -- (MSDTC) SRV - [2010-01-23 15:18:54 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Unknown | Running] -- C:\Program Files\ShadowExplorer\sesvc.exe -- (sesvc) SRV - [2009-11-26 20:07:26 | 000,135,664 | ---- | M] (Google Inc.) [Unknown | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2009-11-25 17:29:10 | 000,723,632 | ---- | M] (COMODO) [Unknown | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-04-11 07:28:18 | 000,000,000 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv) SRV - [2009-04-11 07:28:18 | 000,000,000 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder) SRV - [2008-10-20 21:18:26 | 000,071,096 | ---- | M] () [Unknown | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008-07-22 15:33:50 | 000,354,840 | ---- | M] (Intel Corporation) [Unknown | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2008-07-10 20:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Unknown | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-07-10 20:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Unknown | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-06-08 23:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Unknown | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-16 09:37:38 | 000,000,000 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv) SRV - [2006-11-02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2006-10-26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-10-05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Unknown | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006-04-14 02:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) SRV - [2006-04-14 02:05:58 | 000,240,416 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2006-04-14 02:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2005-10-13 19:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Unknown | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-01-29 19:35:49 | 000,047,360 | ---- | M] (VSO Software) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin) DRV - [2009-12-30 23:49:41 | 000,278,984 | ---- | M] () [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009-12-30 23:49:40 | 000,025,416 | ---- | M] () [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-11-25 17:31:47 | 000,074,328 | ---- | M] (COMODO) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect) DRV - [2009-11-25 17:30:26 | 000,029,520 | ---- | M] (COMODO) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2009-11-25 17:30:25 | 000,128,376 | ---- | M] (COMODO) [File_System | Unknown | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Unknown | Running] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot) DRV - [2009-03-20 01:24:21 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2008-08-06 03:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-07-22 15:33:02 | 000,319,000 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor) DRV - [2008-06-26 06:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008-06-25 11:29:08 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2008-06-08 23:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-05-08 10:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\iaNvStor.sys -- (iaNvStor) Intel(R) DRV - [2008-04-17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-03-28 11:19:54 | 001,363,088 | ---- | M] (Syntek) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini) DRV - [2008-02-14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR) DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs) DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV) DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-07-15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2006-11-28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:51:30 | 000,000,000 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-11-02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006-10-19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003\S-1-5-21-1638569717-3236376331-3682086134-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:3.1.0 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.1 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1 FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.21 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-06 01:31:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-06 18:42:56 | 000,000,000 | ---D | M] [2009-10-25 20:13:53 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2010-02-06 01:51:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions [2010-01-23 13:48:54 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2010-01-23 13:43:08 | 000,000,000 | ---D | M] (AniWeather) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2010-01-23 03:07:24 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-01-11 04:04:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B} [2010-01-23 03:06:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-01-23 03:11:39 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\personas@christopher.beard [2010-01-23 03:31:33 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\3ntrb2kg.default\extensions\smarterwiki@wikiatic.com [2010-02-06 01:51:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-07-17 09:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-11-07 22:36:05 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-11-07 22:36:05 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-11-07 22:36:05 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-11-07 22:36:05 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-11-07 22:36:05 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-11-07 22:36:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1638569717-3236376331-3682086134-1003..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{98a48b7d-14e5-11de-a880-c482159fe5b4}\Shell - "" = AutoRun O33 - MountPoints2\{98a48b7d-14e5-11de-a880-c482159fe5b4}\Shell\AutoRun\command - "" = G:\AUTORUN.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: AudioSrv - C:\Windows\System32\audiosrv.dll () NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008-01-21 03:34:27 | 000,000,000 | ---D | M] NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-02-06 18:12:08 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2010-02-06 16:10:53 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2010-02-06 15:34:47 | 000,000,000 | --SD | C] -- C:\ComboFix [2010-02-06 02:57:58 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\ss [2010-02-06 02:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\ShadowExplorer [2010-02-06 02:44:11 | 000,935,756 | ---- | C] (ShadowExplorer.com ) -- C:\Users\Monika\Desktop\ShadowExplorer-0.7-setup.exe [2010-02-06 02:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\RegSupreme Pro [2010-02-06 02:16:12 | 002,953,494 | ---- | C] (Macecraft Software ) -- C:\Users\Monika\Desktop\RegSupremePro_setup.exe [2010-02-06 01:59:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\setup [2010-02-06 01:59:23 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\crack [2010-02-06 01:50:11 | 002,082,776 | ---- | C] (ParetoLogic Inc.) -- C:\Users\Monika\Desktop\RegCureSetup_CB.exe [2010-02-06 01:46:29 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\www.shadowexplorer.com [2010-02-06 01:45:56 | 000,935,645 | ---- | C] (ShadowExplorer.com ) -- C:\Users\Monika\Desktop\ShadowExplorer-0.6-setup.exe [2010-02-03 20:46:42 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\HC [2010-02-02 13:02:57 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\GTA San Andreas User Files [2010-01-29 22:32:44 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\AVI ReComp [2010-01-29 22:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest [2010-01-29 22:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2010-01-29 22:32:13 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5 [2010-01-29 22:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVI ReComp [2010-01-29 21:48:11 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\11111 [2010-01-29 21:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Cole2k Media - DVD Rip Pack [2010-01-29 21:37:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\GHISLER [2010-01-29 21:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd [2010-01-29 21:28:51 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\GHISLER [2010-01-29 19:46:19 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\ConvertXToDVD [2010-01-29 19:35:49 | 000,047,360 | ---- | C] (VSO Software) -- C:\Windows\System32\drivers\pcouffin.sys [2010-01-29 19:35:49 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Monika\AppData\Roaming\pcouffin.sys [2010-01-29 19:35:48 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Vso [2010-01-29 19:35:48 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\PcSetup [2010-01-29 19:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player [2010-01-29 19:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\URUSoft [2010-01-29 03:00:34 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2010-01-29 01:00:10 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Call_of_Juarez_Bound_In_Blood_-_Poradnik_Gry-OnLine [2010-01-29 00:34:50 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Call of Juarez - Bound in Blood [2010-01-27 07:33:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\call of juarez [2010-01-24 23:40:01 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Downloads [2010-01-24 16:55:10 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\mieszkanie-pomysły [2010-01-24 02:22:10 | 000,000,000 | ---D | C] -- C:\Windows\SWAT 4 [2010-01-23 12:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Uninstaller [2010-01-23 06:07:02 | 000,000,000 | ---D | C] -- C:\ProgramData\game_fillup_v2_usa [2010-01-15 16:13:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Syberia 2 Saves [2010-01-15 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Syberia Saves [2010-01-14 23:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\Kolekcja Klasyki [2010-01-14 23:21:55 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\COMODO [2010-01-11 04:11:57 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Sun [2010-01-10 23:55:47 | 000,000,000 | ---D | C] -- C:\HattrickOrganizer [2006-11-24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [2 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-02-06 18:23:08 | 002,359,296 | -HS- | M] () -- C:\Users\Monika\ntuser.dat [2010-02-06 18:13:56 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat [2010-02-06 18:12:19 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2010-02-06 18:12:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-02-06 18:04:08 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-02-06 18:04:08 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-02-06 17:37:20 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3D133AD3-7F63-4035-9A36-E9A6FE83EE06}.job [2010-02-06 16:10:32 | 001,608,838 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-02-06 16:10:32 | 000,712,112 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-02-06 16:10:32 | 000,636,790 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-02-06 16:10:32 | 000,145,686 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-02-06 16:10:32 | 000,119,616 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-02-06 16:09:51 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\SupBackGroundTask.job [2010-02-06 16:09:16 | 000,115,743 | ---- | M] () -- C:\Users\Monika\Desktop\wwwwwwwwwwwwwwwwwwwwwwwwwwww.jpg [2010-02-06 16:05:19 | 000,193,566 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010-02-06 16:04:54 | 000,193,566 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010-02-06 16:04:44 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-02-06 16:04:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-02-06 16:04:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-02-06 16:03:26 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TMContainer00000000000000000001.regtrans-ms [2010-02-06 16:03:26 | 000,065,536 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TM.blf [2010-02-06 16:03:24 | 000,007,358 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010-02-06 16:03:21 | 003,555,014 | -H-- | M] () -- C:\Users\Monika\AppData\Local\IconCache.db [2010-02-06 15:31:53 | 003,849,084 | R--- | M] () -- C:\Users\Monika\Desktop\ComboFix.exe [2010-02-06 13:09:38 | 000,002,726 | ---- | M] () -- C:\Windows\System32\setup_XP.ini [2010-02-06 12:16:26 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010-02-06 12:04:39 | 029,820,528 | ---- | M] () -- C:\Users\Monika\Desktop\launch.exe [2010-02-06 04:54:01 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TMContainer00000000000000000002.regtrans-ms [2010-02-06 03:24:41 | 002,359,296 | -HS- | M] () -- C:\Users\Monika\ntuser.dat_previous [2010-02-06 03:24:40 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TMContainer00000000000000000001.regtrans-ms [2010-02-06 03:24:40 | 000,065,536 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TM.blf [2010-02-06 03:13:16 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010-02-06 02:45:27 | 000,001,682 | ---- | M] () -- C:\Users\Monika\Desktop\ShadowExplorer.lnk [2010-02-06 02:44:19 | 000,935,756 | ---- | M] (ShadowExplorer.com ) -- C:\Users\Monika\Desktop\ShadowExplorer-0.7-setup.exe [2010-02-06 02:17:39 | 000,001,831 | ---- | M] () -- C:\Users\Monika\Desktop\Dokonaj zakupu RegSupreme Pro.lnk [2010-02-06 02:17:21 | 000,000,023 | -HS- | M] () -- C:\Windows\System32\eaabffcefedf8_d.dll [2010-02-06 02:17:17 | 000,000,023 | ---- | M] () -- C:\Windows\System32\cbcbbddcce_d.ocx [2010-02-06 02:17:08 | 000,000,807 | ---- | M] () -- C:\Users\Monika\Desktop\RegSupreme Pro.lnk [2010-02-06 02:16:40 | 002,953,494 | ---- | M] (Macecraft Software ) -- C:\Users\Monika\Desktop\RegSupremePro_setup.exe [2010-02-06 02:00:25 | 000,000,000 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\RegCure.exe [2010-02-06 01:58:55 | 005,327,660 | ---- | M] () -- C:\Users\Monika\Desktop\RegCure.v1.5.1.rar [2010-02-06 01:50:18 | 002,082,776 | ---- | M] (ParetoLogic Inc.) -- C:\Users\Monika\Desktop\RegCureSetup_CB.exe [2010-02-06 01:46:02 | 000,935,645 | ---- | M] (ShadowExplorer.com ) -- C:\Users\Monika\Desktop\ShadowExplorer-0.6-setup.exe [2010-02-06 01:25:00 | 000,066,594 | ---- | M] () -- C:\Windows\System32\C_874.NLS [2010-02-05 07:22:25 | 000,013,046 | ---- | M] () -- C:\Users\Monika\Documents\2010-02-05.hrf [2010-02-04 07:34:55 | 000,013,516 | ---- | M] () -- C:\Users\Monika\Documents\2010-02-04.hrf [2010-02-03 23:49:22 | 000,012,140 | ---- | M] () -- C:\Users\Monika\Documents\2010-02-03.hrf [2010-02-03 20:45:29 | 001,282,760 | ---- | M] () -- C:\Users\Monika\Desktop\hot_coffee_v2_1.zip [2010-02-03 10:36:12 | 000,000,051 | ---- | M] () -- C:\Users\Monika\Desktop\NFS2000.Prv.PL.url [2010-02-03 10:34:39 | 000,000,590 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed - Porsche 2000.lnk [2010-02-02 12:42:37 | 000,000,603 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010-02-02 09:03:11 | 000,012,646 | ---- | M] () -- C:\Users\Monika\Documents\2010-02-02.hrf [2010-02-01 17:11:40 | 000,012,646 | ---- | M] () -- C:\Users\Monika\Documents\2010-02-01.hrf [2010-01-31 15:00:42 | 000,013,105 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-31.hrf [2010-01-30 12:18:23 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Nowe Gadu-Gadu.lnk [2010-01-30 03:05:31 | 000,087,608 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\inst.exe [2010-01-30 03:05:31 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Monika\AppData\Roaming\pcouffin.sys [2010-01-30 03:05:31 | 000,007,887 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\pcouffin.cat [2010-01-30 03:05:31 | 000,001,144 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\pcouffin.inf [2010-01-29 23:49:14 | 000,029,184 | ---- | M] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-29 22:11:20 | 001,875,878 | ---- | M] () -- C:\Users\Monika\Desktop\DivX_update.zip [2010-01-29 19:46:49 | 000,001,041 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\vso_ts_preview.xml [2010-01-29 19:35:49 | 000,047,360 | ---- | M] (VSO Software) -- C:\Windows\System32\drivers\pcouffin.sys [2010-01-29 04:31:51 | 000,012,177 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-29.hrf [2010-01-29 00:38:50 | 000,000,644 | ---- | M] () -- C:\Users\Monika\Desktop\CoJBiBGame_x86 — skrót.lnk [2010-01-28 19:27:17 | 000,012,176 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-28.hrf [2010-01-28 09:56:23 | 000,023,666 | ---- | M] () -- C:\Users\Monika\Desktop\Curriculum vitae.docx [2010-01-27 23:54:19 | 000,012,176 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-27.hrf [2010-01-27 14:00:23 | 000,000,997 | ---- | M] () -- C:\Users\Monika\Desktop\CoJ — skrót.lnk [2010-01-27 13:37:45 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TMContainer00000000000000000002.regtrans-ms [2010-01-27 13:23:44 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010-01-27 13:23:44 | 000,065,536 | -HS- | M] () -- C:\Users\Monika\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010-01-24 13:22:36 | 000,013,096 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-24.hrf [2010-01-24 02:50:37 | 000,000,910 | ---- | M] () -- C:\Users\Monika\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk [2010-01-24 02:50:37 | 000,000,838 | ---- | M] () -- C:\Users\Monika\Desktop\Swat 4.lnk [2010-01-22 03:11:25 | 000,013,101 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-22.hrf [2010-01-21 14:36:27 | 000,013,101 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-21.hrf [2010-01-20 19:45:24 | 000,013,098 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-20.hrf [2010-01-18 22:21:24 | 000,013,547 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-18.hrf [2010-01-17 14:05:13 | 000,012,208 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-17.hrf [2010-01-15 16:13:36 | 000,000,970 | ---- | M] () -- C:\Users\Monika\Desktop\Syberia 2.lnk [2010-01-15 08:14:10 | 000,012,224 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-15.hrf [2010-01-14 23:48:36 | 000,000,947 | ---- | M] () -- C:\Users\Monika\Desktop\Syberia.lnk [2010-01-14 00:31:55 | 000,013,062 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-14.hrf [2010-01-11 17:08:20 | 000,013,132 | ---- | M] () -- C:\Users\Monika\Documents\2010-01-11.hrf [2010-01-10 23:55:53 | 000,001,433 | ---- | M] () -- C:\Users\Public\Desktop\Hattrick Organizer.lnk [2010-01-09 00:46:39 | 000,000,526 | ---- | M] () -- C:\Windows\eReg.dat [2 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-02-06 18:16:47 | 000,022,529 | ---- | C] () -- C:\Users\Monika\Desktop\user.php [2010-02-06 18:16:36 | 000,218,893 | ---- | C] () -- C:\Users\Monika\Desktop\index(3).php [2010-02-06 18:16:34 | 000,063,557 | ---- | C] () -- C:\Users\Monika\Desktop\index(2).php [2010-02-06 18:16:25 | 000,063,557 | ---- | C] () -- C:\Users\Monika\Desktop\index.php [2010-02-06 16:09:16 | 000,115,743 | ---- | C] () -- C:\Users\Monika\Desktop\wwwwwwwwwwwwwwwwwwwwwwwwwwww.jpg [2010-02-06 15:31:34 | 003,849,084 | R--- | C] () -- C:\Users\Monika\Desktop\ComboFix.exe [2010-02-06 13:09:26 | 000,002,726 | ---- | C] () -- C:\Windows\System32\setup_XP.ini [2010-02-06 12:16:26 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010-02-06 12:02:28 | 029,820,528 | ---- | C] () -- C:\Users\Monika\Desktop\launch.exe [2010-02-06 03:25:42 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TMContainer00000000000000000002.regtrans-ms [2010-02-06 03:25:42 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TMContainer00000000000000000001.regtrans-ms [2010-02-06 03:25:42 | 000,065,536 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{9dc449e4-12c5-11df-925a-f3f3f8757bad}.TM.blf [2010-02-06 02:45:27 | 000,001,682 | ---- | C] () -- C:\Users\Monika\Desktop\ShadowExplorer.lnk [2010-02-06 02:17:39 | 000,001,831 | ---- | C] () -- C:\Users\Monika\Desktop\Dokonaj zakupu RegSupreme Pro.lnk [2010-02-06 02:17:21 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\eaabffcefedf8_d.dll [2010-02-06 02:17:17 | 000,000,023 | ---- | C] () -- C:\Windows\System32\cbcbbddcce_d.ocx [2010-02-06 02:17:08 | 000,000,807 | ---- | C] () -- C:\Users\Monika\Desktop\RegSupreme Pro.lnk [2010-02-06 02:00:25 | 000,000,000 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\RegCure.exe [2010-02-06 01:58:33 | 005,327,660 | ---- | C] () -- C:\Users\Monika\Desktop\RegCure.v1.5.1.rar [2010-02-05 00:49:45 | 000,013,046 | ---- | C] () -- C:\Users\Monika\Documents\2010-02-05.hrf [2010-02-04 00:26:23 | 000,013,516 | ---- | C] () -- C:\Users\Monika\Documents\2010-02-04.hrf [2010-02-03 20:45:18 | 001,282,760 | ---- | C] () -- C:\Users\Monika\Desktop\hot_coffee_v2_1.zip [2010-02-03 10:36:12 | 000,000,051 | ---- | C] () -- C:\Users\Monika\Desktop\NFS2000.Prv.PL.url [2010-02-03 10:34:39 | 000,000,590 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed - Porsche 2000.lnk [2010-02-03 01:11:43 | 000,012,140 | ---- | C] () -- C:\Users\Monika\Documents\2010-02-03.hrf [2010-02-02 12:42:37 | 000,000,603 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010-02-02 09:03:11 | 000,012,646 | ---- | C] () -- C:\Users\Monika\Documents\2010-02-02.hrf [2010-02-01 04:25:54 | 000,012,646 | ---- | C] () -- C:\Users\Monika\Documents\2010-02-01.hrf [2010-01-31 13:20:41 | 000,013,105 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-31.hrf [2010-01-29 22:11:14 | 001,875,878 | ---- | C] () -- C:\Users\Monika\Desktop\DivX_update.zip [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2010-01-29 21:28:51 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2010-01-29 19:40:46 | 000,001,041 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\vso_ts_preview.xml [2010-01-29 19:38:47 | 000,000,033 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\pcouffin.log [2010-01-29 19:35:49 | 000,087,608 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\inst.exe [2010-01-29 19:35:49 | 000,007,887 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\pcouffin.cat [2010-01-29 19:35:49 | 000,001,144 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\pcouffin.inf [2010-01-29 04:31:51 | 000,012,177 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-29.hrf [2010-01-29 00:38:50 | 000,000,644 | ---- | C] () -- C:\Users\Monika\Desktop\CoJBiBGame_x86 — skrót.lnk [2010-01-28 19:27:17 | 000,012,176 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-28.hrf [2010-01-28 09:53:01 | 000,023,666 | ---- | C] () -- C:\Users\Monika\Desktop\Curriculum vitae.docx [2010-01-27 23:54:19 | 000,012,176 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-27.hrf [2010-01-27 14:00:23 | 000,000,997 | ---- | C] () -- C:\Users\Monika\Desktop\CoJ — skrót.lnk [2010-01-27 13:33:00 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TMContainer00000000000000000002.regtrans-ms [2010-01-27 13:33:00 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TMContainer00000000000000000001.regtrans-ms [2010-01-27 13:33:00 | 000,065,536 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{0be0375a-0b40-11df-981a-c2f79149ccc8}.TM.blf [2010-01-24 02:50:37 | 000,000,910 | ---- | C] () -- C:\Users\Monika\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk [2010-01-24 02:50:37 | 000,000,838 | ---- | C] () -- C:\Users\Monika\Desktop\Swat 4.lnk [2010-01-24 02:19:13 | 000,013,096 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-24.hrf [2010-01-22 03:11:25 | 000,013,101 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-22.hrf [2010-01-21 01:19:11 | 000,013,101 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-21.hrf [2010-01-20 19:45:24 | 000,013,098 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-20.hrf [2010-01-18 11:51:30 | 000,013,547 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-18.hrf [2010-01-17 14:05:13 | 000,012,208 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-17.hrf [2010-01-15 16:13:36 | 000,000,970 | ---- | C] () -- C:\Users\Monika\Desktop\Syberia 2.lnk [2010-01-15 08:32:49 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2010-01-15 07:09:03 | 000,012,224 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-15.hrf [2010-01-14 23:48:36 | 000,000,947 | ---- | C] () -- C:\Users\Monika\Desktop\Syberia.lnk [2010-01-14 00:31:55 | 000,013,062 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-14.hrf [2010-01-11 00:00:30 | 000,013,132 | ---- | C] () -- C:\Users\Monika\Documents\2010-01-11.hrf [2010-01-10 23:55:53 | 000,001,433 | ---- | C] () -- C:\Users\Public\Desktop\Hattrick Organizer.lnk [2010-01-09 00:46:39 | 000,000,526 | ---- | C] () -- C:\Windows\eReg.dat [2009-12-30 23:49:41 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009-12-30 23:49:40 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009-09-27 19:15:33 | 000,000,680 | ---- | C] () -- C:\Users\Monika\AppData\Local\d3d9caps.dat [2009-09-24 18:37:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-09-24 18:37:01 | 000,000,000 | ---- | C] () -- C:\Windows\System32\audiosrv.dll [2009-09-24 18:36:43 | 000,150,528 | ---- | C] () -- C:\Windows\System32\MMDevAPI.dll [2009-06-15 20:33:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-06-07 15:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-06-07 15:16:12 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-05-13 16:52:36 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-03-15 23:40:16 | 000,000,067 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\AVSMediaPlayer.m3u [2009-01-28 19:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-12-25 13:00:27 | 000,029,184 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-06-26 16:54:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008-06-25 11:52:26 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-06-25 11:40:12 | 000,193,566 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-06-25 11:40:12 | 000,193,566 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-06-25 11:33:35 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-06-25 11:33:34 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008-06-25 11:26:07 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll [2008-06-25 11:24:43 | 000,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys [2008-04-30 13:55:16 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008-01-21 03:24:11 | 000,000,000 | ---- | C] () -- C:\Windows\System32\rasman.dll [2007-02-15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 09:51:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\parport.sys [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-01-07 04:34:37 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Atari [2010-01-29 23:48:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\AVI ReComp [2009-01-06 23:56:58 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Canneverbe_Limited [2009-03-20 01:28:05 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools [2009-03-20 01:28:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite [2009-03-20 01:28:05 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Pro [2008-12-25 21:10:05 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu [2010-01-29 21:29:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GHISLER [2009-01-30 04:21:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0 [2009-01-08 21:19:29 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\IrfanView [2009-10-07 19:38:57 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\LimeWire [2009-12-24 23:11:07 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Nowe Gadu-Gadu [2009-09-13 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenFM [2009-03-04 21:50:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org [2009-11-05 21:26:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Summer Athletics 2009 [2009-12-30 06:25:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\temp [2009-05-21 21:52:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Tlen.pl [2010-02-06 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\uTorrent [2010-01-30 03:05:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Vso [2010-02-06 16:03:24 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010-02-06 16:09:51 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\SupBackGroundTask.job [2010-02-06 17:37:20 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3D133AD3-7F63-4035-9A36-E9A6FE83EE06}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-02-08 10:31:21 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2008-10-27 00:45:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-07-05 17:43:06 | 000,007,572 | ---- | M] () -- C:\mksbasel.cpp.log [2008-10-27 00:45:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-01-03 11:30:32 | 3529,375,744 | -HS- | M] () -- C:\pagefile.sys [2008-06-25 11:17:56 | 000,000,366 | ---- | M] () -- C:\RHDSetup.log [2008-12-28 19:42:31 | 000,000,086 | ---- | M] () -- C:\Setup.log [2 C:\*.tmp files -> C:\*.tmp -> ] < End of report > [/log] [log]OTL Extras logfile created on: 2010-02-06 18:21:37 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Monika\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 72,09 Gb Total Space | 28,27 Gb Free Space | 39,21% Space Free | Partition Type: NTFS Drive D: | 116,00 Gb Total Space | 40,95 Gb Free Space | 35,31% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 100,00 Gb Total Space | 65,01 Gb Free Space | 65,01% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MONIKA-PC Current User Name: Monika Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1638569717-3236376331-3682086134-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" [2009-12-09 02:24:04 | 000,000,000 | ---D | M] Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3441670A-B9B1-4542-A118-45A58D9F82C2}" = lport=138 | protocol=17 | dir=in | app=system | "{660AB0A7-50A7-4596-BE0F-3E3962C59B6F}" = lport=139 | protocol=6 | dir=in | app=system | "{91688D6D-502E-4EE4-8179-F810447CCCA1}" = rport=445 | protocol=6 | dir=out | app=system | "{B1DC9D8D-12FC-4FAA-ADC7-3F2428F1B514}" = rport=137 | protocol=17 | dir=out | app=system | "{B2E53742-CB82-4E8D-B929-4FE7C42FB86C}" = lport=445 | protocol=6 | dir=in | app=system | "{B3821927-60FF-4F87-AC84-8F0EDA5EFAA4}" = lport=137 | protocol=17 | dir=in | app=system | "{C80F60F4-5D0D-4781-9718-8071E5B9D1AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{C94C5607-F7D0-4154-BBEC-25C860159672}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EA81CA0B-080B-42E4-A71B-0565B45656FA}" = rport=139 | protocol=6 | dir=out | app=system | "{EE55C787-6CDC-47A6-B3E1-7A3A67D41077}" = rport=138 | protocol=17 | dir=out | app=system | "{F9FBE6DD-5A14-438A-A950-2FC461EA874D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11831D84-87A2-48C3-AA63-0155CEB555EC}" = protocol=6 | dir=in | app=f:\gry\operation\ofdr.exe | "{26061251-3D4B-431A-8E97-E8B72C977A08}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{27726017-382E-4673-BEBC-AD2E0DD3470F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{3C318E77-C9A6-4ED4-A636-1A2575E7CF9A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{3DEB2E7D-D4B6-4028-A982-98CDEB3E52E2}" = protocol=17 | dir=in | app=f:\gry\two worlds\twoworlds_radeon.exe | "{44B77605-F1AF-4C9D-8E02-A89975B4C503}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{4B5A2AC6-2CA2-4AC9-8963-8A672F9D7577}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{5509C0DB-3F65-4D55-A889-7E4244D93B8D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6376E09E-8C88-4B67-9F17-5E38F2E3583D}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{65479A8E-4F64-4DD5-9200-6D2883007ED1}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{73154E87-CE6A-4A9B-8187-C9130501132A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{7B8CC928-9F41-485F-9CA6-1D3BF15F70D2}" = protocol=17 | dir=in | app=f:\gry\operation\ofdr.exe | "{8306219B-78B1-4300-8211-7F91D0FB4FD1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8E253880-8E63-4675-914B-7C1D7DEC80CE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{A88342D8-1B96-432A-B8D2-193EDF1EEFC4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B05AF1EA-9B3D-4380-8BBB-4092196D739F}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{BC5F5BDD-7307-4CD1-95B5-97D35E0714CE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BF1E44DA-463B-4B80-BC30-827BB40B513F}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{C1F6A267-8B45-422A-AAE4-731DD729F0E7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{CE3F53B4-CA69-49FB-B588-0E181A6F850B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{DA16B910-BC37-47E3-9D0E-9ADD8AC9EE43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E02321D0-6FBF-422F-90A9-8BF891BE1847}" = protocol=17 | dir=in | app=f:\gry\two worlds\twoworlds.exe | "{EA212180-F3BB-4B4C-AD52-D4BCA8C7099E}" = protocol=6 | dir=in | app=f:\gry\two worlds\twoworlds.exe | "{EEC3E414-098A-4493-9FF3-F3B8D9672A2B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{FCC4D09E-3B32-402C-985B-AFD65E3BE38C}" = protocol=6 | dir=in | app=f:\gry\two worlds\twoworlds_radeon.exe | "TCP Query User{2566D270-DFB6-42F3-83E9-868D01273C1D}C:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe | "TCP Query User{407A2C18-8705-48B9-BA39-8C6C03DECB6F}C:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe | "TCP Query User{44FF46C1-EFE7-4145-91B8-7A35B63850DA}C:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe | "TCP Query User{5C597F9A-989E-4029-855E-63D561CB2BF0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{6B54D161-96AB-4703-9F74-AE9D88039389}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{6F81000C-1A8F-45A4-A099-EEA5471A695D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | "TCP Query User{94EE59C0-F428-43B2-B54B-E10CC566EBFA}D:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe" = protocol=6 | dir=in | app=d:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe | "TCP Query User{B81D91E5-B7E3-4B76-B47B-616A67B5E2AB}F:\gry\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=f:\gry\tdu\testdriveunlimited.exe | "TCP Query User{BD7110E8-0D18-484B-81DF-2260CDF13507}C:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe | "TCP Query User{CE58AE79-B2AB-4970-9E76-73D3C936B016}F:\gry\fsw\fsw2.exe" = protocol=6 | dir=in | app=f:\gry\fsw\fsw2.exe | "TCP Query User{D0C44C68-66F1-4A7D-A4F2-3F42DF611DBC}D:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe" = protocol=6 | dir=in | app=d:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe | "TCP Query User{E28F9CED-C18C-453D-AADE-AA6CEC1C0F69}C:\program files\thq\titan quest\titan quest.exe" = protocol=6 | dir=in | app=c:\program files\thq\titan quest\titan quest.exe | "TCP Query User{EB7C3D87-EA46-41F8-92D4-46B35BCE7513}C:\users\monika\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\monika\desktop\utorrent.exe | "TCP Query User{EE2695C5-5747-4EA3-8BBD-9D59748BD1D8}F:\gry\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=f:\gry\tdu\testdriveunlimited.exe | "UDP Query User{1EA82949-2BCB-4409-B42C-ED73B4035AAB}F:\gry\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=f:\gry\tdu\testdriveunlimited.exe | "UDP Query User{26396B7C-4E88-4F4F-A661-AC70E3AB5BBE}C:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe | "UDP Query User{2A3EFACC-EE39-4BC9-8FCB-504E516AB80D}C:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe | "UDP Query User{2E13555F-A6A5-4010-A4B8-394BCBC2A198}C:\program files\thq\titan quest\titan quest.exe" = protocol=17 | dir=in | app=c:\program files\thq\titan quest\titan quest.exe | "UDP Query User{3CCFFFFC-B757-4D76-AD51-6DAE273DA08A}D:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe" = protocol=17 | dir=in | app=d:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe | "UDP Query User{5EBC720F-CC90-4BB8-B7C5-418D72737BEE}D:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe" = protocol=17 | dir=in | app=d:\limewire\[pc] call of juarez [rip] [dopeman]\call of juarez\call of juarez\coj.exe | "UDP Query User{7528A9B0-4E27-4FFB-A01B-BF5FD6805106}C:\users\monika\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\monika\desktop\utorrent.exe | "UDP Query User{79D9DA53-5AB7-431E-89BA-066D2EB14FD4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{92D83633-C200-4A55-98E1-D3B89A26ECC8}F:\gry\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=f:\gry\tdu\testdriveunlimited.exe | "UDP Query User{BD8BD408-9B5D-4571-8421-900F1C5FBBB1}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | "UDP Query User{CC0D1267-F277-41EC-8540-A7E3058E1D10}C:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\users\monika\desktop\gadu gadu\nowe gadu-gadu\gg.exe | "UDP Query User{D3A24931-E82A-4119-B4FC-9F9968967CC2}F:\gry\fsw\fsw2.exe" = protocol=17 | dir=in | app=f:\gry\fsw\fsw2.exe | "UDP Query User{EDEAF3C6-C3A3-4F61-80A9-73C42EF9BC04}C:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\users\monika\desktop\instalki\gadu gadu\nowe gadu-gadu\gg.exe | "UDP Query User{FF0E223B-D6F7-42E6-B9F5-3315E21A75A8}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}" = USB2.0 UVC WebCam "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising "{1F7643BD-2E73-4F8F-AD27-8356F9BF8CDC}" = ASUS WL-530g Wireless Router Utilities "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17 "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager dla programu Outlook 2007 "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25 "{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{9C748279-288D-11D7-928D-00C0CA129740}" = Robin Hood - Legenda Sherwood "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9FDCD01E-9926-4399-8BB9-74EEBE604C11}" = Quake Live Mozilla Plugin "{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}" = Tycoon City - New York "{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish "{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2D3D146-67BC-43D0-9015-2E7BAC2E032B}" = OpenOffice.org 3.1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "ActiveScan 2.0" = Panda ActiveScan 2.0 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "ALLPlayer V3.6.6.5_is1" = ALLPlayer V3.X "Ares" = Ares 2.1.1 "AVI ReComp" = AVI ReComp 1.5.0 "Avisynth" = AviSynth 2.5 "AVS Media Player_is1" = AVS Media Player 3.1 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3 "Business Contact Manager dla programu Outlook 2007" = Business Contact Manager dla programu Outlook 2007 "Championship Manager 01-02" = Championship Manager 01-02 "COMODO Internet Security" = COMODO Internet Security "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Electronic Arts Game Updater" = Electronic Arts Game Updater "ENTERPRISE" = Microsoft Office Enterprise 2007 "ExpressBurn" = Express Burn "FoxyTunesForFirefox" = FoxyTunes for Firefox "Hattrick Organizer" = Hattrick Organizer (remove only) "HD Tune_is1" = HD Tune 2.55 "HijackThis" = HijackThis 2.0.2 "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "IrfanView" = IrfanView (remove only) "LimeWire" = LimeWire 4.18.8 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "Need For Speed - Porsche 2000 (Enhanced)" = Need For Speed - Porsche 2000 (Enhanced) "NVIDIA Drivers" = NVIDIA Drivers "Prawo Jazdy_is1" = Prawo Jazdy "Profesor Henry 5.0 - Rozumienie_is1" = Profesor Henry 5.0 - Rozumienie ze słuchu i Konwersacje "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "RegSupreme Pro_is1" = RegSupreme Pro "ShadowExplorer_is1" = ShadowExplorer 0.7 "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SkanerOnline" = Skaner on-line mks_vir "slow_12_60_is1" = Profesor Henry 6.0 Słownictwo poziom 1 i 2 "SopCast" = SopCast 3.0.3 "Summer Athletics 2009/PL-Polish_is1" = Summer Athletics 2009 "SWAT 4" = SWAT 4 "Sweet Home 3D_is1" = Sweet Home 3D version 2.1 "Syberia_is1" = Syberia "Syberia2_is1" = Syberia 2 "SynTPDeinstKey" = Synaptics Pointing Device Driver "SystemRequirementsLab" = System Requirements Lab "Testy B 2009_is1" = Testy B 2009 "Toolbar Uninstaller_is1" = Toolbar Uninstaller 1.0.0.1 "Totalcmd" = Total Commander (Remove or Repair) "Two Worlds" = Two Worlds "USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam "uTorrent" = µTorrent "VLC media player" = VLC media player 0.9.8 "VobSub" = VobSub 2.23 "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "Xvid_is1" = Xvid 1.2.2 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error: Unable to start EventLog service! < End of report > [/log] [color="#FF0000"]// Przenoszę // Cyprian[/color]Jest szansa na czyjąś pomoc?
rokko komentarz 7 lutego 2010 komentarz 7 lutego 2010 [quote]Program c:windows\system32\rasman.dll nie jest przeznaczony do uruchamiania w systemie windows [/quote] Przeskanuj system kontrolerem plików systemowych, który przywróci oryginalne pliki. Ewentualnie można go ręcznie podmienić wpierw spróbuj SFC. Tu info => http://www.forumpc.pl/index.php?showtopic=124277
Kamil_Wu komentarz 7 lutego 2010 Autor komentarz 7 lutego 2010 Przskanowałem komputer smc W wyniku wyskoczył mi komunikat: Funkcja Ochronna znalazła uszkodzone pliki, ale nie może naprawić niektórych z tych plików.Szczegóły znajdują się w pliku CBS.logJakieś pomysły? Pytanie ewentualnie o przywrócenie systemu Mam kpię zapasową, ale z lutego 2009 Czy jeżeli przekopiuję pliki z c na inny dysk to dane się zachowają? BO jak rozumiem stracę wszystkie programy zainstalowane po lutym 2009
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.