x-kom hosting

Komputer totalnie zwalnia, łapie "zwiechy", przy włączeniu komunikat "sieć zajęta"

klapkowy
utworzono
utworzono

Tak naprawdę to po prostu przydałyby mi się superporządki. Mam na kompie wiele rzeczy prywatnych i co gorsza firmowych, nie mogę sobie pozwolić na reinstalację. Gdyby komuś się chciało przejrzeć logi i mi pomóc, to byłbym wdzięczny. Mogę nawet posłać czteropak kurierem (czas realizacji 24h!) : - )

Log jest tu: [url="http://wklej.eu/index.php?id=cccd0606c9"]http://wklej.eu/index.php?id=cccd0606c9[/url]

Z góry dzieki!

Gość
komentarz
komentarz

przeskanuj programem malwarebytes - dopoki ktos niesprawdzi logow, ja zajrzałem i widze pare podejrzanych wpisow ale nie jestem tu specem od pisania skryptow

klapkowy
komentarz
komentarz (edytowane)

bezpłatną wersją wystarczy?


okej, jest dostępna testowa "pełna wersja", pytania nie było, skanuję za to ;-)

Gość
komentarz
komentarz

daj znać jak wypadł skan

klapkowy
komentarz
komentarz (edytowane)

Właśnie jestem w pracy i nie mogę eksperymentować więcej. Na wieczór wczorajszy skan się wykrzaczał, tj. po zakończeniu (albo tuż przed) jakiegokolwiek rodzaju skanu program się zwieszał. Może przez jakiś wirus...

Gość
komentarz
komentarz

programem hdtune sprawdź dysk - zakładka error scan, jeśli nic nie wykryje to zrób screena z zakładki health i podeślij nam tu

klapkowy
komentarz
komentarz (edytowane)

nic nie dało. status health=ok, a malwarebytes nadal nie może przeskanować kompa
[url="http://img22.otofotki.pl/obrazki/wh682_HDTune_Health_TOSHIBA_MK3252GSX.png"]http://img22.otofotk...A_MK3252GSX.png[/url]
[url="http://img22.otofotki.pl/obrazki/pf455_HDTune_Health_TOSHIBA_MK3252GSX2.png"]http://img22.otofotk..._MK3252GSX2.png[/url]
powyżej screen'y.

co robić?

Gość
komentarz
komentarz

napisałem do natsuki , sprawdzi ci logi i napisze skrypt o ile będzie potrzebny

klapkowy
komentarz
komentarz (edytowane)

dzięki, czekam!

Gość
komentarz
komentarz (edytowane)

Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej:

[code]:OTL
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found

:Commands
[emptyflash]
[emptytemp][/code]


Kliknij w [b]Wykonaj skrypt.[/b]


Pobierz[b] AdwCleaner [/b]i wykonaj nim skan z opcji Search. Przedstaw raport.
http://general-changelog-team.fr/outils/289-adwcleaner

klapkowy
komentarz
komentarz (edytowane)

Raport z OTL po wykonaniu skryptu:

[log]All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
C:\Program Files\uTorrentControl2\prxtbuTor.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ deleted successfully.
C:\Program Files\vShare.tv plugin\BarLcher.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: klapkowy
->Flash cache emptied: 59523 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: klapkowy
->Temp folder emptied: 1805463 bytes
->Temporary Internet Files folder emptied: 156056075 bytes
->Java cache emptied: 5488703 bytes
->Google Chrome cache emptied: 310651575 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35120 bytes
RecycleBin emptied: 118742585 bytes

Total Files Cleaned = 565,00 mb


OTL by OldTimer - Version 3.2.43.1 log created on 05272012_131443

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...





Raport z AdwCleaner:



# AdwCleaner v1.607 - Logfile created 05/27/2012 at 13:34:23
# Updated 23/05/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : klapkowy - KLAPKOWY-PC
# Running from : D:\programy\sprzątanie kompa\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\klapkowy\AppData\Local\Conduit
Folder Found : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}
Folder Found : C:\Users\klapkowy\AppData\LocalLow\Conduit
Folder Found : C:\Users\klapkowy\AppData\Roaming\OpenCandy
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\vShare.tv plugin

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKCU\Software\SweetIm
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1

-\\ Google Chrome v19.0.1084.52

File : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "description": "SweetIm for Facebook",
Found : "name": "SweetIM for Facebook",
Found : "description": "vshare.tv plugin",
Found : "name": "vshare plugin",
Found : "path": "chvsharetvplg.dll",
Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...]
Found : "name": "vShare.tv plug-in",
Found : "path": "C:\\Users\\klapkowy\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extension[...]
Found : "name": "vShare.tv plug-in"

*************************

AdwCleaner[R1].txt - [7353 octets] - [27/05/2012 13:34:23]

########## EOF - C:\AdwCleaner[R1].txt - [7481 octets] ##########[/log]

Gość
komentarz
komentarz

[b]1.T[/b]eraz zamknij wszystkie przegladarki. Uruchom Adw Cleaner i wykonaj Delete.
Jak AdwCleaner skończy kliknij Uninstall

[b]2.[/b] Po usuwaniu zrób nowe logi z [b]OTL wg tej instrukcji[/b] http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

klapkowy
komentarz
komentarz (edytowane)

Skan z ADS Celaner:


[log]# AdwCleaner v1.607 - Logfile created 05/27/2012 at 13:43:25
# Updated 23/05/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : klapkowy - KLAPKOWY-PC
# Running from : D:\programy\sprzątanie kompa\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\klapkowy\AppData\Local\Conduit
Folder Deleted : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\klapkowy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\klapkowy\AppData\Roaming\OpenCandy
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Program Files\Conduit
Deleted on reboot : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\vShare.tv plugin

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1 --> hxxp://www.google.fr

-\\ Google Chrome v19.0.1084.52

File : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "SweetIm for Facebook",
Deleted : "name": "SweetIM for Facebook",
Deleted : "description": "vshare.tv plugin",
Deleted : "name": "vshare plugin",
Deleted : "path": "chvsharetvplg.dll",
Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...]
Deleted : "name": "vShare.tv plug-in",
Deleted : "path": "C:\\Users\\klapkowy\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extension[...]
Deleted : "name": "vShare.tv plug-in"

*************************

AdwCleaner[R1].txt - [7482 octets] - [27/05/2012 13:34:23]
AdwCleaner[S1].txt - [7618 octets] - [27/05/2012 13:43:25]

########## EOF - C:\AdwCleaner[S1].txt - [7746 octets] ##########



Log z OTL:



OTL logfile created on: 2012-05-27 13:50:14 - Run 3
OTL by OldTimer - Version 3.2.43.1 Folder = D:\programy\sprzątanie kompa
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,76% Memory free
5,99 Gb Paging File | 4,49 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,20 Gb Total Space | 5,49 Gb Free Space | 14,00% Space Free | Partition Type: NTFS
Drive D: | 126,95 Gb Total Space | 17,64 Gb Free Space | 13,89% Space Free | Partition Type: NTFS
Drive E: | 131,83 Gb Total Space | 16,69 Gb Free Space | 12,66% Space Free | Partition Type: NTFS

Computer Name: KLAPKOWY-PC | User Name: klapkowy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-05-23 20:44:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\programy\sprzątanie kompa\OTL.exe
PRC - [2012-05-23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-04-04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-04-04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-03-19 10:51:36 | 000,217,256 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
PRC - [2011-11-19 13:34:54 | 000,364,544 | ---- | M] (Common Group) -- C:\Program Files\MUSTEK 1248UB\Driver\WATCH.exe
PRC - [2011-04-28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeacoms.exe
PRC - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009-11-11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 17:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009-08-18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008-07-15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2008-06-12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- E:\Adobe CS4\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- E:\Adobe CS4\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007-01-11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2004-04-20 11:21:04 | 000,065,256 | ---- | M] (Neuber GbR) -- C:\Program Files\Typograf\Ttfman.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-24 17:34:53 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll
MOD - [2012-04-24 17:32:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\87bb94208da627ef82f1baf7565429fb\System.Runtime.Remoting.ni.dll
MOD - [2012-04-24 17:31:39 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll
MOD - [2012-04-24 15:02:53 | 000,115,137 | ---- | M] () -- D:\TEMP\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll
MOD - [2012-04-24 14:55:58 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7eb4a3ea2a40992aee2c4bbd12e03e92\PresentationFramework.ni.dll
MOD - [2012-04-24 14:55:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll
MOD - [2012-04-24 14:55:05 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll
MOD - [2012-04-24 14:54:54 | 011,469,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\ae40bbaf5a559e09ab86abb4a0e3b82a\PresentationCore.ni.dll
MOD - [2012-04-24 14:54:52 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\15e071596162d504ead0394ec971ad3b\PresentationFramework.Aero.ni.dll
MOD - [2012-04-24 14:54:49 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\389da1e0e62a532f956f05709447e8aa\System.Windows.Forms.ni.dll
MOD - [2012-04-24 14:54:37 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b09b3c662a1d39ed782f8c54c62a4067\WindowsBase.ni.dll
MOD - [2012-04-24 14:54:36 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6b80af748bbb01fead3aefa778d2a30a\System.Drawing.ni.dll
MOD - [2012-04-24 14:54:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll
MOD - [2012-04-24 14:54:16 | 014,414,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll
MOD - [2012-04-04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
MOD - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010-04-05 12:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010-04-05 12:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll
MOD - [2010-04-05 12:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010-04-05 12:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll
MOD - [2010-04-05 12:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010-04-01 19:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010-04-01 19:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009-06-23 13:11:11 | 000,094,208 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009-06-23 13:10:44 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll
MOD - [2009-06-23 13:09:46 | 002,203,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll
MOD - [2009-05-27 14:16:50 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009-04-28 09:56:40 | 000,024,576 | ---- | M] () -- C:\Windows\System32\LXEAsmr.dll
MOD - [2009-04-07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll
MOD - [2009-03-10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009-03-02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009-02-20 10:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXEAsm.dll
MOD - [2008-05-22 04:29:31 | 000,458,752 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2008-05-22 04:27:17 | 000,372,736 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-08-16 21:39:56 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010-04-14 22:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009-10-14 17:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-07-15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007-01-11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2012-05-24 19:55:12 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012-02-25 17:56:07 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012-01-05 14:10:13 | 000,144,136 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011-11-30 19:37:27 | 000,112,904 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011-11-23 10:59:43 | 000,126,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011-11-19 13:34:48 | 000,017,504 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gt680x.sys -- (GT680x)
DRV - [2011-06-02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-06-02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011-06-02 07:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011-06-02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011-05-13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011-05-13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011-04-28 13:57:21 | 000,111,176 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011-04-28 13:57:20 | 000,099,400 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2010-12-21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-02-25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2010-01-26 17:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-08-18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-04-29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008-10-09 03:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-05-06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.fr"]http://www.google.fr[/url]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.google.co...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{E3C9C50E-AFA8-4CA4-87B6-3702B56B9355}: "URL" = [url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"]http://www.google.co...ie=utf8&oe=utf8[/url]
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-05-17 10:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2011-08-16 10:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Extensions
[2011-08-16 10:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-04-20 11:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Firefox\extensions
[2012-04-20 11:24:07 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-04-25 21:05:19 | 000,574,660 | ---- | M] () (No name found) -- C:\USERS\KLAPKOWY\APPDATA\ROAMING\THUNDERBIRD\PROFILES\D7X44BS4.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Enabled) = E:\Adobe CS4\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: uTorrentControl2 = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\
CHR - Extension: uTorrentControl2 = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\Toolbar\ShellBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BEWINTERNET-PLSessionManager] C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [0F202E3ADF64B196D3BBFC53B28719298B0D39EC._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [DIMPobieranie aktualizacji...1300677038363] C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe (Corel Corporation)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [DIMTrwa pobieranie...1271254118180] c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe (Corel Corporation)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [EPSON B-300] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICZE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software)
O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [TTFMan] c:\Program Files\Typograf\Ttfman.exe (Neuber GbR)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5858E911-CE84-4873-8FFB-FA63424B4F5B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe
O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-05-23 22:52:38 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-05-23 22:52:37 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\AppData\Roaming\Malwarebytes
[2012-05-23 22:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-05-23 10:14:51 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\AppData\Roaming\Temp
[2012-05-20 17:18:04 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\olivka
[2012-05-17 10:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-05-17 10:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012-05-15 02:01:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-05-15 02:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-05-15 02:01:35 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-05-08 13:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012-05-08 13:54:37 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\uFonts
[2012-05-08 13:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012-05-07 09:44:57 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\atg-foto-wizyt

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-27 13:53:01 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-27 13:53:01 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-05-27 13:45:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-27 13:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-27 13:44:42 | 2412,195,840 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-27 13:35:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-24 19:55:12 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-05-24 19:54:52 | 000,027,490 | ---- | M] () -- C:\Users\klapkowy\Desktop\HDTune_Error_Scan_TOSHIBA_MK3252GSX.png
[2012-05-23 10:31:52 | 000,154,083 | ---- | M] () -- C:\Users\klapkowy\Desktop\Kontakty001-2.csv
[2012-05-23 10:11:43 | 000,784,672 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-05-23 10:11:43 | 000,698,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-05-23 10:11:43 | 000,172,082 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-05-23 10:11:43 | 000,138,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-05-22 23:49:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-05-22 23:49:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-05-20 15:34:28 | 001,391,146 | ---- | M] () -- C:\Users\klapkowy\Desktop\graf.cdr
[2012-05-18 13:10:23 | 000,218,618 | ---- | M] () -- C:\Users\klapkowy\Desktop\2012-05-18 13;10;42.JPG
[2012-05-17 10:10:42 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-05-15 02:01:38 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-05-10 20:28:38 | 002,774,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-05-08 13:54:39 | 000,000,223 | ---- | M] () -- C:\Users\klapkowy\Desktop\SweetPcFix.url

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-05-24 19:54:52 | 000,027,490 | ---- | C] () -- C:\Users\klapkowy\Desktop\HDTune_Error_Scan_TOSHIBA_MK3252GSX.png
[2012-05-23 10:31:52 | 000,154,083 | ---- | C] () -- C:\Users\klapkowy\Desktop\Kontakty001-2.csv
[2012-05-22 23:49:51 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-05-22 23:49:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-05-20 15:34:26 | 001,391,146 | ---- | C] () -- C:\Users\klapkowy\Desktop\graf.cdr
[2012-05-18 13:10:49 | 000,218,618 | ---- | C] () -- C:\Users\klapkowy\Desktop\2012-05-18 13;10;42.JPG
[2012-05-17 10:10:42 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-05-15 02:01:38 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-05-08 13:54:37 | 000,000,223 | ---- | C] () -- C:\Users\klapkowy\Desktop\SweetPcFix.url
[2012-04-17 14:23:11 | 000,073,564 | ---- | C] () -- C:\Users\klapkowy\AppData\Roaming\PitStopConnect9FontInfo_PL10_FallBack.dat
[2012-04-07 14:30:24 | 000,003,584 | ---- | C] () -- C:\Users\klapkowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-07 14:28:35 | 000,033,019 | ---- | C] () -- C:\Windows\System32\CoreAAC-uninstall.exe
[2012-03-06 12:14:26 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat
[2012-02-29 11:36:11 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxeavs.dll
[2012-02-29 11:36:06 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeacoin.dll
[2012-02-29 11:35:57 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxeagcfg.dll
[2012-02-29 11:35:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeacui.dll
[2012-02-29 11:35:54 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeacuir.dll
[2012-02-29 11:33:05 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxearwrd.ini
[2012-02-29 11:32:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxeainpa.dll
[2012-02-29 11:32:47 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEAhcp.dll
[2012-02-29 11:32:47 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEAinst.dll
[2012-02-29 11:32:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxeaserv.dll
[2012-02-29 11:32:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxeausb1.dll
[2012-02-29 11:32:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxeapmui.dll
[2012-02-29 11:32:46 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeaiesc.dll
[2012-02-29 11:32:45 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxealmpm.dll
[2012-02-29 11:32:45 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxeains.dll
[2012-02-29 11:32:45 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxeainsb.dll
[2012-02-29 11:32:45 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeainsr.dll
[2012-02-29 11:32:45 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxeajswr.dll
[2012-02-29 11:32:44 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxeahbn3.dll
[2012-02-29 11:32:44 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxeaih.exe
[2012-02-29 11:32:44 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeacu.dll
[2012-02-29 11:32:44 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxeagrd.dll
[2012-02-29 11:32:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeacub.dll
[2012-02-29 11:32:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeacur.dll
[2012-02-29 11:32:43 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeacomc.dll
[2012-02-29 11:32:43 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeacoms.exe
[2012-02-29 11:32:43 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeacfg.exe
[2012-02-29 11:32:43 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeacomm.dll
[2012-02-29 11:32:27 | 000,024,576 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll
[2012-02-29 11:32:26 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll
[2012-02-25 15:41:47 | 000,007,605 | ---- | C] () -- C:\Users\klapkowy\AppData\Local\Resmon.ResmonCfg
[2011-11-19 13:35:43 | 000,017,504 | ---- | C] ( ) -- C:\Windows\System32\drivers\gt680x.sys
[2011-09-16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-09-16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011-09-16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011-09-16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011-09-16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011-08-20 04:08:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-08-18 11:46:08 | 000,000,026 | ---- | C] () -- C:\Windows\CDEB300EURO.ini
[2011-08-17 09:19:39 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011-08-17 09:19:39 | 000,000,088 | RHS- | C] () -- C:\ProgramData\2FB3EAF355.sys
[2011-08-17 00:34:29 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-08-17 00:33:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-08-15 19:12:24 | 000,784,672 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-08-15 19:12:24 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-08-15 19:12:24 | 000,172,082 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-08-15 19:12:24 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2011-08-15 18:01:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[color=#E56717]========== LOP Check ==========[/color]

[2012-05-26 11:56:09 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\AIMP3
[2011-08-29 04:22:27 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\AutoUpdate
[2011-08-17 09:19:38 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Bitstream
[2012-04-07 00:34:58 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Broad Intelligence
[2012-04-07 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Cocoon Software
[2012-02-25 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Dexpot
[2012-05-25 14:19:48 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Dropbox
[2012-02-06 20:52:39 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\EliSoft
[2012-02-28 13:26:00 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Enfocus
[2012-01-08 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\GHISLER
[2012-01-11 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\gtk-2.0
[2011-09-03 00:30:44 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Kamerzysta
[2012-01-08 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Notepad++
[2012-03-06 12:15:18 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Panda Security
[2012-04-06 19:53:42 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Resolume
[2012-03-10 19:56:42 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Resolume Avenue 3
[2011-10-23 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Samsung
[2012-05-23 10:42:31 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Temp
[2011-08-16 10:32:22 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Thunderbird
[2011-08-17 09:06:58 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Typograf
[2012-05-22 23:46:16 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\uTorrent
[2012-02-07 10:16:27 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >



+ extras.txt

OTL Extras logfile created on: 2012-05-27 13:50:14 - Run 3
OTL by OldTimer - Version 3.2.43.1 Folder = D:\programy\sprzątanie kompa
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,76% Memory free
5,99 Gb Paging File | 4,49 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,20 Gb Total Space | 5,49 Gb Free Space | 14,00% Space Free | Partition Type: NTFS
Drive D: | 126,95 Gb Total Space | 17,64 Gb Free Space | 13,89% Space Free | Partition Type: NTFS
Drive E: | 131,83 Gb Total Space | 16,69 Gb Free Space | 12,66% Space Free | Partition Type: NTFS

Computer Name: KLAPKOWY-PC | User Name: klapkowy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09ED28C7-488D-45BC-AE51-C8CCF5F5D092}" = rport=139 | protocol=6 | dir=out | app=system |
"{0B506A35-665B-4EA0-850F-F2D0F28DE555}" = rport=137 | protocol=17 | dir=out | app=system |
"{0DC61FD3-C01E-47A2-9D66-EA17B36FB4B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1BDD35B9-83A8-4F1E-A8C9-81265A629B49}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21ECBF70-EEB7-423A-BBD0-EED4A3C37204}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2EAD2110-65A6-4994-BC2A-C558FFA82DE6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3299BE51-781C-4837-88DE-A1D018D9051D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36B27981-DC38-44FA-AF78-4737B1171D9E}" = lport=139 | protocol=6 | dir=in | app=system |
"{3BBAF90C-EB5F-4724-8078-594B2FEDD494}" = rport=10243 | protocol=6 | dir=out | app=system |
"{418BD516-3D7F-4EE1-93C4-F3CBF2B7FB26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{58260B59-3CE4-4F69-BEF7-B4BBE24ACD21}" = rport=445 | protocol=6 | dir=out | app=system |
"{5F392D42-33AB-4CE5-A2B7-87D11EF2710A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{75C46475-C4EB-4F65-9E00-C64FB42D60A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EC60990-8791-4695-8445-6A29538F06B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A96F0D10-3670-463F-87E8-DE8C4EFB79BA}" = lport=137 | protocol=17 | dir=in | app=system |
"{ABD1EE45-8BAB-4255-99C4-8394ECE5CAAE}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA97723F-72AC-4A04-B834-C05B23FC3DB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C2277B53-3967-42BC-B82A-0D274E1A3FBF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{DC1552CA-C5A6-4A4A-AFD7-3D076536E0B1}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{DC6779DF-5936-4472-8131-719C1872A5BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E810EA7F-57B4-4FDF-9872-21FDF002734F}" = lport=445 | protocol=6 | dir=in | app=system |
"{ED5B9506-6BFB-4586-B1C9-E8D22FFE0BDD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F5A56475-7A9D-444D-98A9-13C48DDFA501}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F88ED812-B479-44F1-AE0A-956A914BCAEC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC37C257-6914-42B3-BA28-CEFB92733837}" = rport=138 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06629025-806B-498D-968E-61C0DF0E2065}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{19964160-0715-4F46-9506-5F04535B25D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AF16379-E210-4775-8E21-BB418F0217AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39CF9577-700F-4828-9A56-DF24D1FE352E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B4FE452-482B-45BA-B718-BF8C3FB5D860}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{44070E02-2A71-4DA4-BF8F-A08F6DCAE0C1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{48BDFAB2-5E7C-4176-AF7F-5583B7104652}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FB1967C-CB3C-408E-894E-8C08EB3AF555}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{5033C2AE-8C88-4A0B-8C01-3B6D5BD0D016}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{511A282E-9736-4212-B72E-51CCA324F74E}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{56729C08-E851-40E3-8522-D56E9D870672}" = protocol=6 | dir=out | app=system |
"{63D7A8EC-FEBA-410D-A9D7-B623905E810B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{668D379F-074D-443B-B7A9-653921B38015}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67C25E14-5304-429D-9F80-217519865820}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6959B29F-9090-459E-B2BE-FD71D9C5257C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E2252D8-1B51-4349-9AE7-77E85832E406}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{6F81BAF7-CAC9-4D71-BE95-ED5AD3028E50}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{741B0970-AFAC-4F60-945C-5F35AAD49E4A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79745968-A6F1-4902-A612-8F4346A0E1DE}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{7B8C764C-00DA-4A5E-B876-86C5B99B5416}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{88399013-2779-4356-B8D4-5786BFB73875}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{8E7BFB2A-1A6A-4F0A-A744-A7A07D868073}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{907392FA-CF6B-48B9-95EC-5E37112061CE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9E950097-A295-4299-8FCA-162A152A3D9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7CBC30C-73F5-46A2-8AF4-8F9821A6A123}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9B955CA-3C23-4EEB-849C-7DDAA6455672}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{B38C19C0-08C8-4672-9AF4-FDAFD021E442}" = protocol=6 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe |
"{BBCD886A-E050-46A0-AE9B-B7EBCF95141B}" = protocol=17 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe |
"{C27DCCE4-A1C3-4905-B8E2-784C940A2D13}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C2A994BB-C195-4FD1-A2E4-E56A040A0A7D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C3C37D53-CAB2-4F5B-A269-A0B2A9D867CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5E0679E-F303-48B7-8AEA-395FC9F9F653}" = protocol=17 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe |
"{CC440A69-2067-44CB-9508-136255A745B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3745C50-00FF-4A9D-9554-BAFA3937C76C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D423E56C-72AF-4258-906F-ED82EC2944AE}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{DED26D23-01A2-4E3D-BB18-E2E6DAD1C1F5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{E6411FDC-40BE-412C-900D-C8A77E42D9A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EF7BE958-2E47-42FF-99FA-358F736B36A5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{F3414847-6212-452F-A949-3B3F1D16365E}" = protocol=6 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe |
"{FC792D07-9471-4E5E-A885-412CAB97E5E3}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"TCP Query User{0AA718C1-8471-463B-B5BC-060AA5692D46}C:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{0B76BD4C-F6C3-459C-82D8-AC8AF50630F9}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{693B28D7-C26F-4621-B0ED-BE27AA8A26D3}C:\program files\resolume avenue 3.3.1\avenue.exe" = protocol=6 | dir=in | app=c:\program files\resolume avenue 3.3.1\avenue.exe |
"TCP Query User{80E8B7AD-BA23-4BA4-9D71-1F9A55135B64}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |
"TCP Query User{90D87054-9DD0-4B49-88A1-4F19C861E04D}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |
"UDP Query User{0AE160BD-C6F0-42D8-AA18-4995D3C75B8E}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{2E8CB0BC-1102-444A-BDEE-BF32CC0CB22B}C:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{34517F7C-34BB-488D-8754-7F24B4BA953A}C:\program files\resolume avenue 3.3.1\avenue.exe" = protocol=17 | dir=in | app=c:\program files\resolume avenue 3.3.1\avenue.exe |
"UDP Query User{BCB52A5B-2C18-4E95-84B8-6BBB795EFEA9}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |
"UDP Query User{CEFAE184-0FCA-403A-97EE-D5FB760491E0}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Pasek narzędzi
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ELISOFT)
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49AA7C54-B68F-1A28-D200-86314773307F}" = Muse (code name)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BEWINTERNET-PL}.UninstallSuite" = Business Everywhere
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"AdobeMuse" = Muse (code name)
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V3.X
"AQQ" = WapSter AQQ
"Audacity_is1" = Audacity 1.2.6
"CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only)
"CZATeriaKam" = CZATeriaKam 2.6.4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON B-300" = Odinstaluj drukarkę EPSON B-300
"EPSON B-300_B-500DN Przewodnik użytkownika" = EPSON B-300_B-500DN Podręcznik
"Google Chrome" = Google Chrome
"InstallShield_{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Kamerzysta" = Kamerzysta (deinstalacja)
"LastFM Motorokr Screensaver" = LastFM Motorokr Screensaver
"LastFM_is1" = Last.fm 1.5.4.27091
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl)
"Nero8Lite_is1" = Nero 8 Lite 8.1.1.4
"Notepad++" = Notepad++
"Odkurzacz 12.6_is1" = Odkurzacz 12.6
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"Picasa 3" = Picasa 3
"Poligraf 2012_is1" = Poligraf 2012 wersja 7.2.0.6
"Power Data Recovery_is1" = Power Data Recovery 4.1.1
"Resolume Avenue 3.3.1_is1" = Resolume Avenue 3.3.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"Totalcmd" = Total Commander (Remove or Repair)
"Typograf" = Typograf4.8f
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR 4.01 (32-bit)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dexpot" = Dexpot
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >[/log]



Dzięki za pomoc, chwilowo muszę wyjść z domu, ale będę wdzięczny za każdą pomoc nadal. Zauważyłem lekką juz poprawę w działaniu notebooka, jest nieźle! :)

Gość
komentarz
komentarz (edytowane)

Masz masę niepotrzebnych programow w autostarcie

[code]O4 - HKLM..\Run: [Acrobat Assistant 8.0] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BEWINTERNET-PLSessionManager] C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_F[/code]

Po co tyle tego? Wystarczy sama Panda........bo musi. Inne programy usuń z autostartu.
Zrobisz to za pomocą[b] Autoruns[/b]. Zakładka [b]Logon[/b] > tam odznacz niepotrzebne aplikacje. Po restarcie sprawdź ladowanie systemu.

http://technet.microsoft.com/en-us/sysinternals/bb963902

Kolejna sprawa. Mało miejsca na dysku C. Wprawdzie to więcej niż wymagane 10% ale moim zdaniem za mało.

Odinstaluj stary Adobe Acrobat 9 Pro i Jave. Pobierz najnowsze wersje.

Wyczyść foldery [b]Przywracania systemu[/b] - instrukcja http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415

klapkowy
komentarz
komentarz

Okej, zrobione, dzięki wielkie! Start systemu faktycznie przyspieszył. Co do porad, to ciężko będzie mi zwolnić miejsce na C, chyba że zwiększył partycję, ale to pewnie już w następny weekend. Czy wszystko działa w porządku sprawdzę jutro w pracy, bo trochę strofuję komputer uruchomionymi programami graficznymi. Ale już proszę z góry na priv o info od osób zaangażowanych w dyskusję o adres do wysyłki, na który mają iść czteropaki (możecie dołączyć też info, którą markę piwa preferujecie). No chyba że to spertajne dane ;-)

Pozdrawiam serdecznie i dzięki raz jeszcze!

Gość
komentarz
komentarz (edytowane)

[quote]Co do porad, to ciężko będzie mi zwolnić miejsce na C, chyba że zwiększył partycję,[/quote]
Na razie partycji systemowej nie ruszaj. taka operacja moze (ale nie musi) sie skonczyć żle.

Zmień rozmiar [b]Kosza[/b].

P[b]PM na ikonę Kosz > zaznacz zmień rozmaiar na niestandardowy i wpisz np. 900[/b]

To samo powtórz dla pozostałych partycji.


Mała korekta. Uruchom OTL i w oknie [b]własne opcje skanowania skrypt [/b]wklej:


[code]:OTL
IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe
O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun
O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a[/code]

Kliknij w [b]Wykonaj skrypt.[/b]
Tym razem nie bedzie restartu.

Uruchom OTL znowu i kliknij [b]Sprzatanie[/b]. To usunie program i kwarantanne.

klapkowy
komentarz
komentarz (edytowane)

Log po operacji:

[log]========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2584900148-2586021101-403457334-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found.
File G:\MicroLauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
File H:\LaunchU3.exe -a not found.

OTL by OldTimer - Version 3.2.43.1 log created on 05282012_125923[/log]

Gość
komentarz
komentarz

Wyczyść foldery [b]Przywracania systemu - instrukcja [/b]http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415

Z mojej strony to wszystko. Chyba że są nadal problemy?

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.