klapkowy utworzono 23 maja 2012 utworzono 23 maja 2012 Tak naprawdę to po prostu przydałyby mi się superporządki. Mam na kompie wiele rzeczy prywatnych i co gorsza firmowych, nie mogę sobie pozwolić na reinstalację. Gdyby komuś się chciało przejrzeć logi i mi pomóc, to byłbym wdzięczny. Mogę nawet posłać czteropak kurierem (czas realizacji 24h!) : - ) Log jest tu: [url="http://wklej.eu/index.php?id=cccd0606c9"]http://wklej.eu/index.php?id=cccd0606c9[/url] Z góry dzieki!
Gość komentarz 23 maja 2012 komentarz 23 maja 2012 przeskanuj programem malwarebytes - dopoki ktos niesprawdzi logow, ja zajrzałem i widze pare podejrzanych wpisow ale nie jestem tu specem od pisania skryptow
klapkowy komentarz 23 maja 2012 Autor komentarz 23 maja 2012 (edytowane) bezpłatną wersją wystarczy? okej, jest dostępna testowa "pełna wersja", pytania nie było, skanuję za to ;-)
klapkowy komentarz 24 maja 2012 Autor komentarz 24 maja 2012 (edytowane) Właśnie jestem w pracy i nie mogę eksperymentować więcej. Na wieczór wczorajszy skan się wykrzaczał, tj. po zakończeniu (albo tuż przed) jakiegokolwiek rodzaju skanu program się zwieszał. Może przez jakiś wirus...
Gość komentarz 24 maja 2012 komentarz 24 maja 2012 programem hdtune sprawdź dysk - zakładka error scan, jeśli nic nie wykryje to zrób screena z zakładki health i podeślij nam tu
klapkowy komentarz 24 maja 2012 Autor komentarz 24 maja 2012 (edytowane) nic nie dało. status health=ok, a malwarebytes nadal nie może przeskanować kompa [url="http://img22.otofotki.pl/obrazki/wh682_HDTune_Health_TOSHIBA_MK3252GSX.png"]http://img22.otofotk...A_MK3252GSX.png[/url] [url="http://img22.otofotki.pl/obrazki/pf455_HDTune_Health_TOSHIBA_MK3252GSX2.png"]http://img22.otofotk..._MK3252GSX2.png[/url] powyżej screen'y. co robić?
Gość komentarz 24 maja 2012 komentarz 24 maja 2012 napisałem do natsuki , sprawdzi ci logi i napisze skrypt o ile będzie potrzebny
Gość komentarz 27 maja 2012 komentarz 27 maja 2012 (edytowane) Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej: [code]:OTL IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKCU..\Run: [AdobeBridge] File not found :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt.[/b] Pobierz[b] AdwCleaner [/b]i wykonaj nim skan z opcji Search. Przedstaw raport. http://general-changelog-team.fr/outils/289-adwcleaner
klapkowy komentarz 27 maja 2012 Autor komentarz 27 maja 2012 (edytowane) Raport z OTL po wykonaniu skryptu: [log]All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully. C:\Program Files\uTorrentControl2\prxtbuTor.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found. File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found. File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ deleted successfully. C:\Program Files\vShare.tv plugin\BarLcher.dll moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found. File C:\Program Files\uTorrentControl2\prxtbuTor.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 56466 bytes User: Default User ->Flash cache emptied: 0 bytes User: klapkowy ->Flash cache emptied: 59523 bytes User: Public Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: klapkowy ->Temp folder emptied: 1805463 bytes ->Temporary Internet Files folder emptied: 156056075 bytes ->Java cache emptied: 5488703 bytes ->Google Chrome cache emptied: 310651575 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 35120 bytes RecycleBin emptied: 118742585 bytes Total Files Cleaned = 565,00 mb OTL by OldTimer - Version 3.2.43.1 log created on 05272012_131443 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Raport z AdwCleaner: # AdwCleaner v1.607 - Logfile created 05/27/2012 at 13:34:23 # Updated 23/05/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : klapkowy - KLAPKOWY-PC # Running from : D:\programy\sprzątanie kompa\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\klapkowy\AppData\Local\Conduit Folder Found : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Folder Found : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Folder Found : C:\Users\klapkowy\AppData\LocalLow\Conduit Folder Found : C:\Users\klapkowy\AppData\Roaming\OpenCandy Folder Found : C:\ProgramData\SweetIM Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\SweetIM Folder Found : C:\Program Files\vShare.tv plugin ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Found : HKCU\Software\SweetIm Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\SweetIM Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1 Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1 Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO Key Found : HKLM\SOFTWARE\Classes\sim-packages Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator] ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Found : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1 -\\ Google Chrome v19.0.1084.52 File : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "description": "SweetIm for Facebook", Found : "name": "SweetIM for Facebook", Found : "description": "vshare.tv plugin", Found : "name": "vshare plugin", Found : "path": "chvsharetvplg.dll", Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...] Found : "name": "vShare.tv plug-in", Found : "path": "C:\\Users\\klapkowy\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extension[...] Found : "name": "vShare.tv plug-in" ************************* AdwCleaner[R1].txt - [7353 octets] - [27/05/2012 13:34:23] ########## EOF - C:\AdwCleaner[R1].txt - [7481 octets] ##########[/log]
Gość komentarz 27 maja 2012 komentarz 27 maja 2012 [b]1.T[/b]eraz zamknij wszystkie przegladarki. Uruchom Adw Cleaner i wykonaj Delete. Jak AdwCleaner skończy kliknij Uninstall [b]2.[/b] Po usuwaniu zrób nowe logi z [b]OTL wg tej instrukcji[/b] http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1
klapkowy komentarz 27 maja 2012 Autor komentarz 27 maja 2012 (edytowane) Skan z ADS Celaner: [log]# AdwCleaner v1.607 - Logfile created 05/27/2012 at 13:43:25 # Updated 23/05/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : klapkowy - KLAPKOWY-PC # Running from : D:\programy\sprzątanie kompa\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\klapkowy\AppData\Local\Conduit Folder Deleted : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Folder Deleted : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Folder Deleted : C:\Users\klapkowy\AppData\LocalLow\Conduit Folder Deleted : C:\Users\klapkowy\AppData\Roaming\OpenCandy Folder Deleted : C:\ProgramData\SweetIM Folder Deleted : C:\Program Files\Conduit Deleted on reboot : C:\Program Files\SweetIM Folder Deleted : C:\Program Files\vShare.tv plugin ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253 Key Deleted : HKCU\Software\SweetIm Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\SweetIM Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1 Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator] ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1 --> hxxp://www.google.fr -\\ Google Chrome v19.0.1084.52 File : C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "description": "SweetIm for Facebook", Deleted : "name": "SweetIM for Facebook", Deleted : "description": "vshare.tv plugin", Deleted : "name": "vshare plugin", Deleted : "path": "chvsharetvplg.dll", Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...] Deleted : "name": "vShare.tv plug-in", Deleted : "path": "C:\\Users\\klapkowy\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extension[...] Deleted : "name": "vShare.tv plug-in" ************************* AdwCleaner[R1].txt - [7482 octets] - [27/05/2012 13:34:23] AdwCleaner[S1].txt - [7618 octets] - [27/05/2012 13:43:25] ########## EOF - C:\AdwCleaner[S1].txt - [7746 octets] ########## Log z OTL: OTL logfile created on: 2012-05-27 13:50:14 - Run 3 OTL by OldTimer - Version 3.2.43.1 Folder = D:\programy\sprzątanie kompa Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,76% Memory free 5,99 Gb Paging File | 4,49 Gb Available in Paging File | 75,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,20 Gb Total Space | 5,49 Gb Free Space | 14,00% Space Free | Partition Type: NTFS Drive D: | 126,95 Gb Total Space | 17,64 Gb Free Space | 13,89% Space Free | Partition Type: NTFS Drive E: | 131,83 Gb Total Space | 16,69 Gb Free Space | 12,66% Space Free | Partition Type: NTFS Computer Name: KLAPKOWY-PC | User Name: klapkowy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-23 20:44:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\programy\sprzątanie kompa\OTL.exe PRC - [2012-05-23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-04-04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-04-04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-03-19 10:51:36 | 000,217,256 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe PRC - [2011-11-19 13:34:54 | 000,364,544 | ---- | M] (Common Group) -- C:\Program Files\MUSTEK 1248UB\Driver\WATCH.exe PRC - [2011-04-28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PRC - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe PRC - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeacoms.exe PRC - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009-11-11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 17:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009-08-18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2008-07-15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE PRC - [2008-06-12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- E:\Adobe CS4\Acrobat 9.0\Acrobat\acrobat_sl.exe PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- E:\Adobe CS4\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2007-01-11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE PRC - [2004-04-20 11:21:04 | 000,065,256 | ---- | M] (Neuber GbR) -- C:\Program Files\Typograf\Ttfman.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-24 17:34:53 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll MOD - [2012-04-24 17:32:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\87bb94208da627ef82f1baf7565429fb\System.Runtime.Remoting.ni.dll MOD - [2012-04-24 17:31:39 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll MOD - [2012-04-24 15:02:53 | 000,115,137 | ---- | M] () -- D:\TEMP\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll MOD - [2012-04-24 14:55:58 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7eb4a3ea2a40992aee2c4bbd12e03e92\PresentationFramework.ni.dll MOD - [2012-04-24 14:55:06 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll MOD - [2012-04-24 14:55:05 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll MOD - [2012-04-24 14:54:54 | 011,469,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\ae40bbaf5a559e09ab86abb4a0e3b82a\PresentationCore.ni.dll MOD - [2012-04-24 14:54:52 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\15e071596162d504ead0394ec971ad3b\PresentationFramework.Aero.ni.dll MOD - [2012-04-24 14:54:49 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\389da1e0e62a532f956f05709447e8aa\System.Windows.Forms.ni.dll MOD - [2012-04-24 14:54:37 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b09b3c662a1d39ed782f8c54c62a4067\WindowsBase.ni.dll MOD - [2012-04-24 14:54:36 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6b80af748bbb01fead3aefa778d2a30a\System.Drawing.ni.dll MOD - [2012-04-24 14:54:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll MOD - [2012-04-24 14:54:16 | 014,414,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll MOD - [2012-04-04 07:05:28 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe MOD - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe MOD - [2010-04-05 12:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll MOD - [2010-04-05 12:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll MOD - [2010-04-05 12:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll MOD - [2010-04-05 12:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll MOD - [2010-04-05 12:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll MOD - [2010-04-01 19:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll MOD - [2010-04-01 19:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll MOD - [2009-06-23 13:11:11 | 000,094,208 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll MOD - [2009-06-23 13:10:44 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll MOD - [2009-06-23 13:09:46 | 002,203,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll MOD - [2009-05-27 14:16:50 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll MOD - [2009-04-28 09:56:40 | 000,024,576 | ---- | M] () -- C:\Windows\System32\LXEAsmr.dll MOD - [2009-04-07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll MOD - [2009-03-10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll MOD - [2009-03-02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll MOD - [2009-02-20 10:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXEAsm.dll MOD - [2008-05-22 04:29:31 | 000,458,752 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll MOD - [2008-05-22 04:27:17 | 000,372,736 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-08-16 21:39:56 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-04-28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeacoms.exe -- (lxea_device) SRV - [2010-04-14 22:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService) SRV - [2009-12-03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009-10-14 17:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-08-18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-07-15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2007-01-11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2012-05-24 19:55:12 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012-02-25 17:56:07 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2012-01-05 14:10:13 | 000,144,136 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt) DRV - [2011-11-30 19:37:27 | 000,112,904 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt) DRV - [2011-11-23 10:59:43 | 000,126,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC) DRV - [2011-11-19 13:34:48 | 000,017,504 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gt680x.sys -- (GT680x) DRV - [2011-06-02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-06-02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV - [2011-06-02 07:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV - [2011-06-02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV - [2011-05-13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2011-05-13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2011-04-28 13:57:21 | 000,111,176 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc) DRV - [2011-04-28 13:57:20 | 000,099,400 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile) DRV - [2010-12-21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-02-25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey) DRV - [2010-01-26 17:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-08-18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-04-29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2008-10-09 03:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-05-06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.fr"]http://www.google.fr[/url] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.google.com/ie"]http://www.google.com/ie[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.google.co...Box&FORM=IE8SRC[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\SearchScopes\{E3C9C50E-AFA8-4CA4-87B6-3702B56B9355}: "URL" = [url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"]http://www.google.co...ie=utf8&oe=utf8[/url] IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-05-17 10:10:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011-08-16 10:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Extensions [2011-08-16 10:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-04-20 11:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Firefox\extensions [2012-04-20 11:24:07 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\klapkowy\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-04-25 21:05:19 | 000,574,660 | ---- | M] () (No name found) -- C:\USERS\KLAPKOWY\APPDATA\ROAMING\THUNDERBIRD\PROFILES\D7X44BS4.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = E:\Adobe CS4\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - Extension: uTorrentControl2 = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\ CHR - Extension: uTorrentControl2 = C:\Users\klapkowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O3 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\Toolbar\ShellBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [Acrobat Assistant 8.0] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BEWINTERNET-PLSessionManager] C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe () O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe () O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security) O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [0F202E3ADF64B196D3BBFC53B28719298B0D39EC._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [DIMPobieranie aktualizacji...1300677038363] C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe (Corel Corporation) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [DIMTrwa pobieranie...1271254118180] c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe (Corel Corporation) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [EPSON B-300] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICZE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software) O4 - HKU\S-1-5-21-2584900148-2586021101-403457334-1001..\Run: [TTFMan] c:\Program Files\Typograf\Ttfman.exe (Neuber GbR) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5858E911-CE84-4873-8FFB-FA63424B4F5B}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-23 22:52:38 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012-05-23 22:52:37 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\AppData\Roaming\Malwarebytes [2012-05-23 22:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-05-23 10:14:51 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\AppData\Roaming\Temp [2012-05-20 17:18:04 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\olivka [2012-05-17 10:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012-05-17 10:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012-05-15 02:01:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-05-15 02:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-05-15 02:01:35 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-05-08 13:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium [2012-05-08 13:54:37 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\uFonts [2012-05-08 13:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2012-05-07 09:44:57 | 000,000,000 | ---D | C] -- C:\Users\klapkowy\Desktop\atg-foto-wizyt [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-27 13:53:01 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-27 13:53:01 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-27 13:45:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-27 13:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-27 13:44:42 | 2412,195,840 | -HS- | M] () -- C:\hiberfil.sys [2012-05-27 13:35:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-24 19:55:12 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012-05-24 19:54:52 | 000,027,490 | ---- | M] () -- C:\Users\klapkowy\Desktop\HDTune_Error_Scan_TOSHIBA_MK3252GSX.png [2012-05-23 10:31:52 | 000,154,083 | ---- | M] () -- C:\Users\klapkowy\Desktop\Kontakty001-2.csv [2012-05-23 10:11:43 | 000,784,672 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-05-23 10:11:43 | 000,698,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-05-23 10:11:43 | 000,172,082 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-05-23 10:11:43 | 000,138,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-05-22 23:49:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-05-22 23:49:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-05-20 15:34:28 | 001,391,146 | ---- | M] () -- C:\Users\klapkowy\Desktop\graf.cdr [2012-05-18 13:10:23 | 000,218,618 | ---- | M] () -- C:\Users\klapkowy\Desktop\2012-05-18 13;10;42.JPG [2012-05-17 10:10:42 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-05-15 02:01:38 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-05-10 20:28:38 | 002,774,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-05-08 13:54:39 | 000,000,223 | ---- | M] () -- C:\Users\klapkowy\Desktop\SweetPcFix.url [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-24 19:54:52 | 000,027,490 | ---- | C] () -- C:\Users\klapkowy\Desktop\HDTune_Error_Scan_TOSHIBA_MK3252GSX.png [2012-05-23 10:31:52 | 000,154,083 | ---- | C] () -- C:\Users\klapkowy\Desktop\Kontakty001-2.csv [2012-05-22 23:49:51 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-05-22 23:49:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-05-20 15:34:26 | 001,391,146 | ---- | C] () -- C:\Users\klapkowy\Desktop\graf.cdr [2012-05-18 13:10:49 | 000,218,618 | ---- | C] () -- C:\Users\klapkowy\Desktop\2012-05-18 13;10;42.JPG [2012-05-17 10:10:42 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-05-15 02:01:38 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012-05-08 13:54:37 | 000,000,223 | ---- | C] () -- C:\Users\klapkowy\Desktop\SweetPcFix.url [2012-04-17 14:23:11 | 000,073,564 | ---- | C] () -- C:\Users\klapkowy\AppData\Roaming\PitStopConnect9FontInfo_PL10_FallBack.dat [2012-04-07 14:30:24 | 000,003,584 | ---- | C] () -- C:\Users\klapkowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-04-07 14:28:35 | 000,033,019 | ---- | C] () -- C:\Windows\System32\CoreAAC-uninstall.exe [2012-03-06 12:14:26 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat [2012-02-29 11:36:11 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxeavs.dll [2012-02-29 11:36:06 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeacoin.dll [2012-02-29 11:35:57 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxeagcfg.dll [2012-02-29 11:35:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeacui.dll [2012-02-29 11:35:54 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeacuir.dll [2012-02-29 11:33:05 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxearwrd.ini [2012-02-29 11:32:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxeainpa.dll [2012-02-29 11:32:47 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEAhcp.dll [2012-02-29 11:32:47 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEAinst.dll [2012-02-29 11:32:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxeaserv.dll [2012-02-29 11:32:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxeausb1.dll [2012-02-29 11:32:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxeapmui.dll [2012-02-29 11:32:46 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeaiesc.dll [2012-02-29 11:32:45 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxealmpm.dll [2012-02-29 11:32:45 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxeains.dll [2012-02-29 11:32:45 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxeainsb.dll [2012-02-29 11:32:45 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeainsr.dll [2012-02-29 11:32:45 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxeajswr.dll [2012-02-29 11:32:44 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxeahbn3.dll [2012-02-29 11:32:44 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxeaih.exe [2012-02-29 11:32:44 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeacu.dll [2012-02-29 11:32:44 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxeagrd.dll [2012-02-29 11:32:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeacub.dll [2012-02-29 11:32:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeacur.dll [2012-02-29 11:32:43 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeacomc.dll [2012-02-29 11:32:43 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeacoms.exe [2012-02-29 11:32:43 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeacfg.exe [2012-02-29 11:32:43 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeacomm.dll [2012-02-29 11:32:27 | 000,024,576 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll [2012-02-29 11:32:26 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll [2012-02-25 15:41:47 | 000,007,605 | ---- | C] () -- C:\Users\klapkowy\AppData\Local\Resmon.ResmonCfg [2011-11-19 13:35:43 | 000,017,504 | ---- | C] ( ) -- C:\Windows\System32\drivers\gt680x.sys [2011-09-16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-09-16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011-09-16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011-09-16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011-09-16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011-08-20 04:08:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-08-18 11:46:08 | 000,000,026 | ---- | C] () -- C:\Windows\CDEB300EURO.ini [2011-08-17 09:19:39 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011-08-17 09:19:39 | 000,000,088 | RHS- | C] () -- C:\ProgramData\2FB3EAF355.sys [2011-08-17 00:34:29 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-08-17 00:33:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-08-15 19:12:24 | 000,784,672 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2011-08-15 19:12:24 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2011-08-15 19:12:24 | 000,172,082 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2011-08-15 19:12:24 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2011-08-15 18:01:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [color=#E56717]========== LOP Check ==========[/color] [2012-05-26 11:56:09 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\AIMP3 [2011-08-29 04:22:27 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\AutoUpdate [2011-08-17 09:19:38 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Bitstream [2012-04-07 00:34:58 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Broad Intelligence [2012-04-07 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Cocoon Software [2012-02-25 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Dexpot [2012-05-25 14:19:48 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Dropbox [2012-02-06 20:52:39 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\EliSoft [2012-02-28 13:26:00 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Enfocus [2012-01-08 19:46:38 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\GHISLER [2012-01-11 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\gtk-2.0 [2011-09-03 00:30:44 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Kamerzysta [2012-01-08 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Notepad++ [2012-03-06 12:15:18 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Panda Security [2012-04-06 19:53:42 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Resolume [2012-03-10 19:56:42 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Resolume Avenue 3 [2011-10-23 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Samsung [2012-05-23 10:42:31 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Temp [2011-08-16 10:32:22 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Thunderbird [2011-08-17 09:06:58 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\Typograf [2012-05-22 23:46:16 | 000,000,000 | ---D | M] -- C:\Users\klapkowy\AppData\Roaming\uTorrent [2012-02-07 10:16:27 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > + extras.txt OTL Extras logfile created on: 2012-05-27 13:50:14 - Run 3 OTL by OldTimer - Version 3.2.43.1 Folder = D:\programy\sprzątanie kompa Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,76% Memory free 5,99 Gb Paging File | 4,49 Gb Available in Paging File | 75,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,20 Gb Total Space | 5,49 Gb Free Space | 14,00% Space Free | Partition Type: NTFS Drive D: | 126,95 Gb Total Space | 17,64 Gb Free Space | 13,89% Space Free | Partition Type: NTFS Drive E: | 131,83 Gb Total Space | 16,69 Gb Free Space | 12,66% Space Free | Partition Type: NTFS Computer Name: KLAPKOWY-PC | User Name: klapkowy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09ED28C7-488D-45BC-AE51-C8CCF5F5D092}" = rport=139 | protocol=6 | dir=out | app=system | "{0B506A35-665B-4EA0-850F-F2D0F28DE555}" = rport=137 | protocol=17 | dir=out | app=system | "{0DC61FD3-C01E-47A2-9D66-EA17B36FB4B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1BDD35B9-83A8-4F1E-A8C9-81265A629B49}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{21ECBF70-EEB7-423A-BBD0-EED4A3C37204}" = lport=10243 | protocol=6 | dir=in | app=system | "{2EAD2110-65A6-4994-BC2A-C558FFA82DE6}" = lport=2869 | protocol=6 | dir=in | app=system | "{3299BE51-781C-4837-88DE-A1D018D9051D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{36B27981-DC38-44FA-AF78-4737B1171D9E}" = lport=139 | protocol=6 | dir=in | app=system | "{3BBAF90C-EB5F-4724-8078-594B2FEDD494}" = rport=10243 | protocol=6 | dir=out | app=system | "{418BD516-3D7F-4EE1-93C4-F3CBF2B7FB26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{58260B59-3CE4-4F69-BEF7-B4BBE24ACD21}" = rport=445 | protocol=6 | dir=out | app=system | "{5F392D42-33AB-4CE5-A2B7-87D11EF2710A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{75C46475-C4EB-4F65-9E00-C64FB42D60A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7EC60990-8791-4695-8445-6A29538F06B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A96F0D10-3670-463F-87E8-DE8C4EFB79BA}" = lport=137 | protocol=17 | dir=in | app=system | "{ABD1EE45-8BAB-4255-99C4-8394ECE5CAAE}" = lport=138 | protocol=17 | dir=in | app=system | "{BA97723F-72AC-4A04-B834-C05B23FC3DB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C2277B53-3967-42BC-B82A-0D274E1A3FBF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{DC1552CA-C5A6-4A4A-AFD7-3D076536E0B1}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{DC6779DF-5936-4472-8131-719C1872A5BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E810EA7F-57B4-4FDF-9872-21FDF002734F}" = lport=445 | protocol=6 | dir=in | app=system | "{ED5B9506-6BFB-4586-B1C9-E8D22FFE0BDD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F5A56475-7A9D-444D-98A9-13C48DDFA501}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F88ED812-B479-44F1-AE0A-956A914BCAEC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FC37C257-6914-42B3-BA28-CEFB92733837}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06629025-806B-498D-968E-61C0DF0E2065}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{19964160-0715-4F46-9506-5F04535B25D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2AF16379-E210-4775-8E21-BB418F0217AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{39CF9577-700F-4828-9A56-DF24D1FE352E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3B4FE452-482B-45BA-B718-BF8C3FB5D860}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{44070E02-2A71-4DA4-BF8F-A08F6DCAE0C1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{48BDFAB2-5E7C-4176-AF7F-5583B7104652}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4FB1967C-CB3C-408E-894E-8C08EB3AF555}" = dir=in | app=c:\windows\system32\lxeacoms.exe | "{5033C2AE-8C88-4A0B-8C01-3B6D5BD0D016}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{511A282E-9736-4212-B72E-51CCA324F74E}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{56729C08-E851-40E3-8522-D56E9D870672}" = protocol=6 | dir=out | app=system | "{63D7A8EC-FEBA-410D-A9D7-B623905E810B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{668D379F-074D-443B-B7A9-653921B38015}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{67C25E14-5304-429D-9F80-217519865820}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6959B29F-9090-459E-B2BE-FD71D9C5257C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6E2252D8-1B51-4349-9AE7-77E85832E406}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{6F81BAF7-CAC9-4D71-BE95-ED5AD3028E50}" = dir=in | app=c:\windows\system32\lxeacoms.exe | "{741B0970-AFAC-4F60-945C-5F35AAD49E4A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{79745968-A6F1-4902-A612-8F4346A0E1DE}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{7B8C764C-00DA-4A5E-B876-86C5B99B5416}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{88399013-2779-4356-B8D4-5786BFB73875}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{8E7BFB2A-1A6A-4F0A-A744-A7A07D868073}" = dir=in | app=c:\windows\system32\lxeacoms.exe | "{907392FA-CF6B-48B9-95EC-5E37112061CE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{9E950097-A295-4299-8FCA-162A152A3D9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A7CBC30C-73F5-46A2-8AF4-8F9821A6A123}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A9B955CA-3C23-4EEB-849C-7DDAA6455672}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{B38C19C0-08C8-4672-9AF4-FDAFD021E442}" = protocol=6 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe | "{BBCD886A-E050-46A0-AE9B-B7EBCF95141B}" = protocol=17 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe | "{C27DCCE4-A1C3-4905-B8E2-784C940A2D13}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{C2A994BB-C195-4FD1-A2E4-E56A040A0A7D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C3C37D53-CAB2-4F5B-A269-A0B2A9D867CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C5E0679E-F303-48B7-8AEA-395FC9F9F653}" = protocol=17 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe | "{CC440A69-2067-44CB-9508-136255A745B7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D3745C50-00FF-4A9D-9554-BAFA3937C76C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D423E56C-72AF-4258-906F-ED82EC2944AE}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{DED26D23-01A2-4E3D-BB18-E2E6DAD1C1F5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{E6411FDC-40BE-412C-900D-C8A77E42D9A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EF7BE958-2E47-42FF-99FA-358F736B36A5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{F3414847-6212-452F-A949-3B3F1D16365E}" = protocol=6 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe | "{FC792D07-9471-4E5E-A885-412CAB97E5E3}" = dir=in | app=c:\windows\system32\lxeacoms.exe | "TCP Query User{0AA718C1-8471-463B-B5BC-060AA5692D46}C:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{0B76BD4C-F6C3-459C-82D8-AC8AF50630F9}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{693B28D7-C26F-4621-B0ED-BE27AA8A26D3}C:\program files\resolume avenue 3.3.1\avenue.exe" = protocol=6 | dir=in | app=c:\program files\resolume avenue 3.3.1\avenue.exe | "TCP Query User{80E8B7AD-BA23-4BA4-9D71-1F9A55135B64}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "TCP Query User{90D87054-9DD0-4B49-88A1-4F19C861E04D}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "UDP Query User{0AE160BD-C6F0-42D8-AA18-4995D3C75B8E}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{2E8CB0BC-1102-444A-BDEE-BF32CC0CB22B}C:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\klapkowy\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{34517F7C-34BB-488D-8754-7F24B4BA953A}C:\program files\resolume avenue 3.3.1\avenue.exe" = protocol=17 | dir=in | app=c:\program files\resolume avenue 3.3.1\avenue.exe | "UDP Query User{BCB52A5B-2C18-4E95-84B8-6BBB795EFEA9}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "UDP Query User{CEFAE184-0FCA-403A-97EE-D5FB760491E0}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension "_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5 "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Pasek narzędzi "{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office "{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4 "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en "{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data "{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA "{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ELISOFT) "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5 "{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{49AA7C54-B68F-1A28-D200-86314773307F}" = Muse (code name) "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2 "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA "{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection "{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BEWINTERNET-PL}.UninstallSuite" = Business Everywhere "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com "{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark "{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English "{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4 "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser "{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content "Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection "AdobeMuse" = Muse (code name) "AIMP3" = AIMP3 "ALLPlayer_is1" = ALLPlayer V3.X "AQQ" = WapSter AQQ "Audacity_is1" = Audacity 1.2.6 "CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552 "CCleaner" = CCleaner "CDex" = CDex - Open Source Digital Audio CD Extractor "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only) "CZATeriaKam" = CZATeriaKam 2.6.4 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON B-300" = Odinstaluj drukarkę EPSON B-300 "EPSON B-300_B-500DN Przewodnik użytkownika" = EPSON B-300_B-500DN Podręcznik "Google Chrome" = Google Chrome "InstallShield_{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "Kamerzysta" = Kamerzysta (deinstalacja) "LastFM Motorokr Screensaver" = LastFM Motorokr Screensaver "LastFM_is1" = Last.fm 1.5.4.27091 "Lexmark S300-S400 Series" = Lexmark S300-S400 Series "LSI Soft Modem" = LSI HDA Modem "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl) "Nero8Lite_is1" = Nero 8 Lite 8.1.1.4 "Notepad++" = Notepad++ "Odkurzacz 12.6_is1" = Odkurzacz 12.6 "Panda Cloud Antivirus" = Panda Cloud Antivirus "Panda Security URL Filtering" = Panda Security URL Filtering "pandasecuritytb" = Panda Security Toolbar "Picasa 3" = Picasa 3 "Poligraf 2012_is1" = Poligraf 2012 wersja 7.2.0.6 "Power Data Recovery_is1" = Power Data Recovery 4.1.1 "Resolume Avenue 3.3.1_is1" = Resolume Avenue 3.3.1 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Toolbar Cleaner" = Toolbar Cleaner 1.0 "Totalcmd" = Total Commander (Remove or Repair) "Typograf" = Typograf4.8f "uTorrent" = µTorrent "uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.6 "WinRAR archiver" = WinRAR 4.01 (32-bit) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2584900148-2586021101-403457334-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dexpot" = Dexpot "Dropbox" = Dropbox "MyFreeCodec" = MyFreeCodec [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >[/log] Dzięki za pomoc, chwilowo muszę wyjść z domu, ale będę wdzięczny za każdą pomoc nadal. Zauważyłem lekką juz poprawę w działaniu notebooka, jest nieźle!
Gość komentarz 27 maja 2012 komentarz 27 maja 2012 (edytowane) Masz masę niepotrzebnych programow w autostarcie [code]O4 - HKLM..\Run: [Acrobat Assistant 8.0] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BEWINTERNET-PLSessionManager] C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe () O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe () O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_F[/code] Po co tyle tego? Wystarczy sama Panda........bo musi. Inne programy usuń z autostartu. Zrobisz to za pomocą[b] Autoruns[/b]. Zakładka [b]Logon[/b] > tam odznacz niepotrzebne aplikacje. Po restarcie sprawdź ladowanie systemu. http://technet.microsoft.com/en-us/sysinternals/bb963902 Kolejna sprawa. Mało miejsca na dysku C. Wprawdzie to więcej niż wymagane 10% ale moim zdaniem za mało. Odinstaluj stary Adobe Acrobat 9 Pro i Jave. Pobierz najnowsze wersje. Wyczyść foldery [b]Przywracania systemu[/b] - instrukcja http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415
klapkowy komentarz 27 maja 2012 Autor komentarz 27 maja 2012 Okej, zrobione, dzięki wielkie! Start systemu faktycznie przyspieszył. Co do porad, to ciężko będzie mi zwolnić miejsce na C, chyba że zwiększył partycję, ale to pewnie już w następny weekend. Czy wszystko działa w porządku sprawdzę jutro w pracy, bo trochę strofuję komputer uruchomionymi programami graficznymi. Ale już proszę z góry na priv o info od osób zaangażowanych w dyskusję o adres do wysyłki, na który mają iść czteropaki (możecie dołączyć też info, którą markę piwa preferujecie). No chyba że to spertajne dane ;-) Pozdrawiam serdecznie i dzięki raz jeszcze!
Gość komentarz 28 maja 2012 komentarz 28 maja 2012 (edytowane) [quote]Co do porad, to ciężko będzie mi zwolnić miejsce na C, chyba że zwiększył partycję,[/quote] Na razie partycji systemowej nie ruszaj. taka operacja moze (ale nie musi) sie skonczyć żle. Zmień rozmiar [b]Kosza[/b]. P[b]PM na ikonę Kosz > zaznacz zmień rozmaiar na niestandardowy i wpisz np. 900[/b] To samo powtórz dla pozostałych partycji. Mała korekta. Uruchom OTL i w oknie [b]własne opcje skanowania skrypt [/b]wklej: [code]:OTL IE - HKU\S-1-5-21-2584900148-2586021101-403457334-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell - "" = AutoRun O33 - MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a[/code] Kliknij w [b]Wykonaj skrypt.[/b] Tym razem nie bedzie restartu. Uruchom OTL znowu i kliknij [b]Sprzatanie[/b]. To usunie program i kwarantanne.
klapkowy komentarz 28 maja 2012 Autor komentarz 28 maja 2012 (edytowane) Log po operacji: [log]========== OTL ========== Registry value HKEY_USERS\S-1-5-21-2584900148-2586021101-403457334-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44bd4216-40ea-11e1-a229-002186b6810f}\ not found. File G:\MicroLauncher.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b2f-d276-11e0-b0d4-002186b6810f}\ not found. File H:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6927b3a-d276-11e0-b0d4-002186b6810f}\ not found. File H:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found. File H:\LaunchU3.exe -a not found. OTL by OldTimer - Version 3.2.43.1 log created on 05282012_125923[/log]
Gość komentarz 28 maja 2012 komentarz 28 maja 2012 Wyczyść foldery [b]Przywracania systemu - instrukcja [/b]http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415 Z mojej strony to wszystko. Chyba że są nadal problemy?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.