x-kom hosting

Po "naprawie" komputer padł zupełnie - pamięć nie może być read/written, menedżer pulpitu przestał działać/odpowiadać, program przestał działać/odpowiadać

Przejdź do rekomendowanej odpowiedzi Autor: Zayfi ,
Majorka636
utworzono
utworzono

Witam,

oddałam kompa do naprawy. Naprawa trwała miesiąc (sic!!!!), wczoraj kompa odebrałam "naprawionego".

Był w serwisie bo buczał i nie dał się włączyć, gdy się go wyłączyło po dłuższym korzystaniu.

Orzeknięto że to wina głównego dysku, a że był na gwarancji to naprawa za free (niestety).

Wczoraj przyniosłam do domu, dziś zasiadam i oto co następuje:

1. Gdy włączam neta (IE) wyskakuje że instrukcja spod odwołuje się do pamięci pod adresem xxx (ciągle inne numerki) i pamięć nie może być read (albo written) - czasem tak a czasem tak.

No i oczywiście wszystkie strony www się wyłączają.

2. Spróbowałam przez Firefoxa - wyskoczyło że pojawił się błąd i przeglądarki nie da się otworzyć, mogę wysłać tę informację do producenta

3. Otworzyłam sobie lightrooma (a potem jeszcze inne programy) - program przestał działać i się wyłączył. 

4. Na pulpicie co jakiś czas wyskakuje że "menedżer pulpitu przestał działać/odpowiadać.

5. Komp działa gorzej od żółwia, jak coś kliknę to myśli ze 30sekund zanim zadzieje się cokolwiek :/

 

Pomocy, bo już nie wiem co mam robić - najchętniej roztrzaskałabym tego kompa na łbie "naprawiacza" bo z takimi umiejętnościami to rowy kopać a nie komputery naprawiać (bujamy się z gościem już dłuższy czas, bo komp niby na gwarancji).

hazhell
komentarz
komentarz

No i będziesz się bujać. A jak gwarancja się skończy to jeszcze będziesz musiała za to płacić. Ten komputer to laptop czy stacjonarny? Na jakiej zasadzie był kupiony, jak działa ta gwarancja. Co to za serwis w ogóle. 

Majorka636
komentarz
komentarz

Stacjonarny, porządny miał być, taki do gier specjalnie :/

No był kupiony w sklepie z serwisem - to właśnie tam mają takiego naprawiacza genialnego :/ ale tam jest on i nikt inny.

No gwarancja działa normalnie - mam jakieś tam rachunki czy paragony, a poza tym mieszkamy teraz w małej miejscowości i koleś wie że było kupione u niego - przez te niuanse "znajomych znajomego" tak bartdzo nienawidzę wsi uhhhhh :/

Nameful
komentarz
komentarz

NIGDY nie kupuj gotowców ze sklepu. NIGDY. Jak chcesz PC, to załóż na tym forum temat i zamów odpowiednie części z usługą montażu.

HusaRZ007
komentarz
komentarz

Dobra, podaj całą specyfikacje komputera ( tzn.,jaki procesor, zasilacz itd.).

Majorka636
komentarz
komentarz (edytowane)

Nie no, to był składak - taki specjalnie do gier złożony, powiedziałam czego oczekuje i został złożony.

Błędem było tylko to że nie był kupiony na wsi tylko na wiosce, gdzie się przeprowadziliśmy (bo wyjdzie taniej).

I jak to jest na wiochach - przecież nie opier..... bo będą gadać.

Chociaż ja tam miałam to gdzieś i przy ostatniej "naprawie" objechałam gościa z góry w dół, ale jak widać słabo mu to dało do myślenia :/

 

Specyfikację będę przepisywać (bo jestem na laptopie, komp zdecydowanie nie pozwala mi zrobić nic poza wejściem w mój komputer):

win7 home premium

procesor: intel (r) core (tm) i5-2400 CPU @ 3.10ghZ 3.30 GHz

RAM: 4GB (dostępne 3,49gb)

typ systemu: 32bit

karta graficzna: AMD Radeon HD 6700 series

karty sieciowe: realtek PCIe GBE Family Controller

                        TP LINK 150Mbps Wireless Lite N Adapter

 

Tyle wyczytałam.

 

      

 

HusaRZ007
komentarz
komentarz

Jeszcze raz. Na paragonie, fakturze albo gwarancjii masz napisane wszystkie podzespoły. Napisz je tutaj.

Majorka636
komentarz
komentarz

A inaczej się nie da znaleźć?

Bo te rachunki są u naprawiacza - niby potrzebował ich jak odsyłał tą część do reklamacji, więc mu daliśmy razem z pudełkiem.

hazhell
komentarz
komentarz (edytowane)

Pewnie wcisnął Ci najtańszy zasilacz typu logic 500 czy 600W i całą resztę za chore pieniądze. Poskładał tak jak umiał. Teraz wszystko się psuje to głupa udaje. W żadnym serwisie to nie jest tylko na sklepie i biorą Ciebie na wstrzymanie. Kurde tak było w latach 90-tych jak mało kto miał informacje o tym co kupuje, a jedynym źródłem informacji był sprzedawca, który potrafił wszystko wcisnąć. Dlatego trzeba było odwiedzić 10 sklepów, kupić PCWorld itp, aby coś wiedzieć. Ja bym się nie cackał i wymusił zwrot kasy, za wadliwy sprzęt. Wizyta u UOKiK. Jak odzyskasz kasę to wtedy złożymy Ci to w porządnym sklepie, gdzie nie będzie takich numerów osiedlowego cwaniaka. Inaczej cały czas będziesz się z tym bujać.

HusaRZ007
komentarz
komentarz

Dokładnie.

Majorka636
komentarz
komentarz

Hmmmm, no właśnie aż próbowałam sprawdzić wg jakiegoś tutoriala, ale nie ma informacji żadnej w widocznym miejscu i trzeba by było ten zasilacz pewnie jakoś odkręcić, a tego to już się boję że zepsuje jeszcze bardziej :/

 

Ogólnie to do kompa (jak działa) nie mam zastrzeżeń, bo wszystkie najnowsze tytuły idą na najwyższych szczegółach bez najmniejszego przycięcia, tylko właśnie ta jedna kwestia..... "jak działa" :/

hazhell
komentarz
komentarz

Póki nie działa normalnie jest to wadliwy towar. To jak kupić spleśniały ser i mówić, no ale jak wykroje to się da zjeść.

Majorka636
komentarz
komentarz

Rozebrałam to ustrojstwo :D

Tylko nie wiem co mam napisać, które cyferki tego zasilacza są ważne ;)

firma to chyba IBOX

MAX 550W

hazhell
komentarz
komentarz

Zasilacz tragedia. To czarna lista. To pewnie on doprowadził do uszkodzenia dysku twardego albo i nawet płyty głównej. Nie ma co się cackać, ale iść i postawić sprawę jasno, zwrot kasy albo sąd. Wizyta w UOKiK popytaj o paragrafy, przedstaw to w sklepie. Niestety taki cwaniak pewnie Ciebie przegada, ale niestety póki ten zasilacz jest w tym zestawie to bomba z opóźnionym zapłonem, która z resztą już narobiła szkód. Jedno jest pewne jak znowu oddasz na gwarancje to znowu miesiąc poleży w sklepie. Byle tylko się gwarancja skończyła i będzie mógł Ci oficjalnie powiedzieć, że ma to gdzieś.

Majorka636
komentarz
komentarz

No to niezle.....

Dzięki, przynajmniej wiem na czym stoję :/

Zayfi
komentarz
komentarz

1. Gdy włączam neta (IE) wyskakuje że instrukcja spod odwołuje się do pamięci pod adresem xxx (ciągle inne numerki) i pamięć nie może być read (albo written) - czasem tak a czasem tak.

No i oczywiście wszystkie strony www się wyłączają.

2. Spróbowałam przez Firefoxa - wyskoczyło że pojawił się błąd i przeglądarki nie da się otworzyć, mogę wysłać tę informację do producenta

3. Otworzyłam sobie lightrooma (a potem jeszcze inne programy) - program przestał działać i się wyłączył.

 

 

 

Zasilacz, zasilaczem. Ale te komunikaty nie maja z nim nic wspólnego. Masz najprawdopodobniej zainfekowany system.

 

zrób logi z OTL i wstaw

http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/

Majorka636
komentarz
komentarz (edytowane)

OTL.txt

[log]

OTL logfile created on: 2013-11-15 16:38:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,49 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 69,68% Memory free
6,98 Gb Paging File | 5,82 Gb Available in Paging File | 83,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 196,46 Gb Free Space | 67,08% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 107,53 Gb Free Space | 33,68% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 201,05 Gb Free Space | 62,97% Space Free | Partition Type: NTFS
Drive N: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 3,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WIN7-KOMPUTER | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-11-15 16:34:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.com
PRC - [2013-11-15 03:44:12 | 000,023,040 | ---- | M] () -- C:\Program Files\BasicServe\basicstarter.exe
PRC - [2013-11-13 14:41:05 | 000,066,328 | ---- | M] () -- C:\Program Files\DiVapton\updateDiVapton.exe
PRC - [2013-11-13 08:42:06 | 000,066,328 | ---- | M] () -- C:\Program Files\DiVapton\bin\utilDiVapton.exe
PRC - [2013-10-22 16:11:05 | 002,864,096 | ---- | M] () -- C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
PRC - [2013-08-23 09:05:24 | 000,424,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) -- C:\Program Files\WinZipper\winzipersvc.exe
PRC - [2013-08-22 05:03:49 | 000,303,680 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013-05-25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\win7\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-05-03 15:06:08 | 001,040,720 | ---- | M] (BitTorrent Inc.) -- C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-02-28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-02-28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-15 04:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011-07-28 22:35:52 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 22:35:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-11-20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 22:29:10 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010-11-20 22:29:06 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010-07-12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-12-03 09:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-10-22 16:11:05 | 002,864,096 | ---- | M] () -- C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
MOD - [2013-10-22 16:09:45 | 002,735,584 | ---- | M] () -- C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
MOD - [2013-03-13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012-11-14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011-02-04 15:36:36 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-20 22:52:40 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2010-11-20 22:52:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010-11-20 22:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-20 22:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-20 22:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010-11-20 22:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-15 03:44:12 | 000,023,040 | ---- | M] () [Auto | Running] -- C:\Program Files\BasicServe\basicstarter.exe -- (BasicServe Service)
SRV - [2013-11-13 14:41:05 | 000,066,328 | ---- | M] () [Auto | Running] -- C:\Program Files\DiVapton\updateDiVapton.exe -- (Update DiVapton)
SRV - [2013-11-13 08:42:06 | 000,066,328 | ---- | M] () [Auto | Running] -- C:\Program Files\DiVapton\bin\utilDiVapton.exe -- (Util DiVapton)
SRV - [2013-10-22 16:11:05 | 002,864,096 | ---- | M] () [Auto | Running] -- C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard)
SRV - [2013-08-23 09:05:24 | 000,424,104 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited.) [Auto | Running] -- C:\Program Files\WinZipper\winzipersvc.exe -- (winzipersvc)
SRV - [2013-08-22 05:03:49 | 000,303,680 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013-05-11 23:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-07-28 22:35:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010-11-11 13:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\win7\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013-10-10 17:33:00 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-02-28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013-02-28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013-02-28 09:36:37 | 000,163,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-02-28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-02-28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013-02-28 09:36:36 | 000,060,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013-02-28 09:36:36 | 000,049,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-02-28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-11-15 04:50:16 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011-07-28 23:22:04 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 21:53:46 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-06 23:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-01-26 07:06:06 | 000,032,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2011-01-26 07:06:04 | 000,052,224 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011-01-10 17:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-09-21 08:59:02 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-01-05 18:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380269618
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380269618
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.portaldosites.com/web/?utm_source=b&utm_medium=sfps&from=sfps&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=3538999
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.portaldosites.com/web/?utm_source=b&utm_medium=sfps&from=sfps&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=3538999
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.portaldosites.com/web/?utm_source=b&utm_medium=sfps&from=sfps&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=3538999
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSERVE117&sp=&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSERVE117&sp=&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=CAF8F4EC388B5995&affID=120665&tsp=5006
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380269618
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380269618
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No CLSID value found
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CAF8F4EC388B5995&affID=120665&tsp=5006
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=ds&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380357187&type=default&q={searchTerms}
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvlink1&sp=&keywords={searchTerms}
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_plPL527
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "delta-homes"
FF - prefs.js..browser.search.order.1: "delta-homes"
FF - prefs.js..browser.search.selectedEngine: "delta-homes"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD103SJ_S246J9KB436294&ts=1380357187"
FF - prefs.js..extensions.enabledAddons: toolbarbutton%40obviousidea.us:2.0
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.5
FF - prefs.js..extensions.enabledAddons: admin%40mymoviemagnet.com:4.0
FF - prefs.js..extensions.enabledAddons: addon%40infobirdpro.com:3.0
FF - prefs.js..extensions.enabledAddons: %7B74fa6b20-2ae6-4584-a4fd-4ac734f8d210%7D:3.3
FF - prefs.js..extensions.enabledAddons: realsummersale1%40realsummersale.com:5.0
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
FF - prefs.js..extensions.enabledAddons: %7B8850f748-e69b-42ff-a449-7ad3cf153bcc%7D:2.1
FF - prefs.js..extensions.enabledAddons: firefox%40divapton.biz:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://www.basicserve.com/?prt=bscsrvlink1&sp=google&keywords="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-02 10:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013-05-29 22:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Extensions
[2013-10-17 15:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (BargainJoy) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\{74fa6b20-2ae6-4584-a4fd-4ac734f8d210}
[2013-09-24 09:15:34 | 000,000,000 | ---D | M] (Coupons Malibu) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\{8850f748-e69b-42ff-a449-7ad3cf153bcc}
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (InfoBird Pro) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\addon@infobirdpro.com
[2013-08-13 12:03:53 | 000,000,000 | ---D | M] (My Movie Magnet) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\admin@mymoviemagnet.com
[2013-09-15 16:48:56 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\ffxtlbr@delta.com
[2013-10-10 17:34:34 | 000,000,000 | ---D | M] (DiVapton) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\firefox@divapton.biz
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (Real Summer Sale) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\realsummersale1@realsummersale.com
[2013-06-27 20:47:25 | 000,000,000 | ---D | M] (ObviousIdea Addon) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\toolbarbutton@obviousidea.us
[2013-07-01 16:23:28 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\WebSiteRecommendation@weliketheweb.com
[2013-06-27 20:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profilesihul856i.default\extensions
[2013-06-27 20:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profilesihul856i.default\extensions\staged
[2013-10-01 02:04:52 | 000,007,216 | ---- | M] () (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\firefox\profiles\ihul856i.default\Extensions\firefox@divapton.biz.xpi
[2013-04-12 20:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-11-14 07:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-11-14 07:24:47 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013-05-29 22:01:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-07-05 18:53:22 | 000,000,772 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
[2013-06-27 20:46:06 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\portaldosites.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www2.delta-search.com/?babsrc=HP_ss&mntrId=CAF8F4EC388B5995&affID=120665&tsp=5006
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmfpfjjciophcbhnhnpbadhmdmfgceic\1.0.0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.3_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnefekibahpibgnllfjpckodgobkpije\2.0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.2.0.5_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\1.4_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013-03-02 09:45:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DiVapton) - {3bf42771-1b8a-4910-b3dc-eb330e40020a} - C:\Program Files\DiVapton\DiVaptonBHO.dll (DiVapton)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No CLSID value found.
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [uTorrent] C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\win7\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.113.218.34 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B59FE838-5F07-4D17-9C2E-0212BFFB15E6}: DhcpNameServer = 62.113.218.34 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7727230-7CB8-46BE-9318-5830C268E833}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (c:\progra~2\bitguard\271769~1.27\{c16c1~1\bitguard.dll) - c:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-07-24 23:31:31 | 000,020,542 | R--- | M] () - N:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2011-03-31 10:21:38 | 000,000,047 | R--- | M] () - N:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013-01-09 13:47:07 | 000,000,040 | R--- | M] () - O:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013-11-13 21:21:09 | 000,000,000 | ---D | C] -- C:\Users\win7\Desktop\sesje Julcik
[2013-11-13 08:35:29 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
[2013-10-17 15:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2013-10-17 15:42:18 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\Of Orcs and Men
[2013-10-17 15:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
[2013-10-17 15:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Focus Home Interactive
[2013-10-17 12:06:23 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\3DMark 11
[2013-10-17 12:06:05 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\IsolatedStorage
[2013-10-17 12:06:05 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\Futuremark_Corporation
[2013-10-17 12:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2013-10-17 12:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2013-10-17 12:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
 
========== Files - Modified Within 30 Days ==========
 
[2013-11-15 16:35:54 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-11-15 16:29:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013-11-15 15:18:59 | 000,021,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-11-15 15:18:59 | 000,021,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-11-15 15:10:51 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-11-15 15:10:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-11-15 15:10:18 | 2811,682,816 | -HS- | M] () -- C:\hiberfil.sys
[2013-11-15 09:29:03 | 000,000,119 | ---- | M] () -- C:\Users\win7\AppData\Roaming\WB.CFG
[2013-11-15 09:29:03 | 000,000,006 | ---- | M] () -- C:\Users\win7\AppData\Roaming\WBPU-TTL.DAT
[2013-11-14 07:30:02 | 006,131,988 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-11-14 07:30:02 | 002,509,124 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-11-14 07:30:02 | 001,982,260 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-11-14 07:30:02 | 001,884,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-11-13 22:56:35 | 000,260,452 | ---- | M] () -- C:\Users\win7\Desktop\christmas-snow-background.jpg
[2013-11-13 22:56:06 | 000,256,789 | ---- | M] () -- C:\Users\win7\Desktop\preview.jpg
[2013-11-13 22:55:45 | 000,455,072 | ---- | M] () -- C:\Users\win7\Desktop\retro-snowflake-paper.jpg
[2013-11-13 22:52:34 | 004,600,054 | ---- | M] () -- C:\Users\win7\Desktop\untitled11.bmp
[2013-11-13 22:44:22 | 000,570,012 | ---- | M] () -- C:\Users\win7\Desktop\depositphotos_4283371-Seamless-elegant-christmas-texture-pattern_-EPS-8.jpg
[2013-11-13 22:44:03 | 000,014,808 | ---- | M] () -- C:\Users\win7\Desktop\imagesCAPYGC2O.jpg
[2013-11-13 21:41:36 | 005,760,054 | ---- | M] () -- C:\Users\win7\Desktop\untitled.bmp
[2013-11-13 21:40:31 | 000,107,766 | ---- | M] () -- C:\Users\win7\Desktop\purple-fabric-with-floral-pattern-texture-600x400.jpg
[2013-11-13 21:38:43 | 000,078,229 | ---- | M] () -- C:\Users\win7\Desktop\fst_728xnrmkpta.jpg
[2013-11-13 19:29:10 | 000,591,711 | ---- | M] () -- C:\Users\win7\Desktop\czarny.jpg
[2013-11-13 18:28:55 | 000,133,194 | ---- | M] () -- C:\Users\win7\Desktop\2mdo2n4.png
[2013-11-13 18:28:17 | 000,175,737 | ---- | M] () -- C:\Users\win7\Desktop\226586__attrition-pattern-dark-background-texture_p.jpg
[2013-11-13 18:27:30 | 000,337,252 | ---- | M] () -- C:\Users\win7\Desktop\2687_18_05_09_6_09_04_1.png
[2013-11-13 18:25:39 | 000,015,608 | ---- | M] () -- C:\Users\win7\Desktop\hihix.jpg
[2013-11-13 18:20:42 | 000,079,003 | ---- | M] () -- C:\Users\win7\Desktop\Sparkles_by_Ermenelwen.jpg
[2013-10-17 15:30:00 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\Of Orcs And Men.lnk
 
========== Files Created - No Company Name ==========
 
[2013-11-13 22:56:38 | 000,260,452 | ---- | C] () -- C:\Users\win7\Desktop\christmas-snow-background.jpg
[2013-11-13 22:56:10 | 000,256,789 | ---- | C] () -- C:\Users\win7\Desktop\preview.jpg
[2013-11-13 22:55:49 | 000,455,072 | ---- | C] () -- C:\Users\win7\Desktop\retro-snowflake-paper.jpg
[2013-11-13 22:52:34 | 004,600,054 | ---- | C] () -- C:\Users\win7\Desktop\untitled11.bmp
[2013-11-13 22:49:45 | 000,014,808 | ---- | C] () -- C:\Users\win7\Desktop\imagesCAPYGC2O.jpg
[2013-11-13 22:45:42 | 000,570,012 | ---- | C] () -- C:\Users\win7\Desktop\depositphotos_4283371-Seamless-elegant-christmas-texture-pattern_-EPS-8.jpg
[2013-11-13 21:41:36 | 005,760,054 | ---- | C] () -- C:\Users\win7\Desktop\untitled.bmp
[2013-11-13 21:40:38 | 000,107,766 | ---- | C] () -- C:\Users\win7\Desktop\purple-fabric-with-floral-pattern-texture-600x400.jpg
[2013-11-13 21:38:52 | 000,078,229 | ---- | C] () -- C:\Users\win7\Desktop\fst_728xnrmkpta.jpg
[2013-11-13 19:29:07 | 000,591,711 | ---- | C] () -- C:\Users\win7\Desktop\czarny.jpg
[2013-11-13 18:29:06 | 000,133,194 | ---- | C] () -- C:\Users\win7\Desktop\2mdo2n4.png
[2013-11-13 18:28:24 | 000,175,737 | ---- | C] () -- C:\Users\win7\Desktop\226586__attrition-pattern-dark-background-texture_p.jpg
[2013-11-13 18:27:39 | 000,337,252 | ---- | C] () -- C:\Users\win7\Desktop\2687_18_05_09_6_09_04_1.png
[2013-11-13 18:25:43 | 000,015,608 | ---- | C] () -- C:\Users\win7\Desktop\hihix.jpg
[2013-11-13 18:20:48 | 000,079,003 | ---- | C] () -- C:\Users\win7\Desktop\Sparkles_by_Ermenelwen.jpg
[2013-10-17 15:30:00 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\Of Orcs And Men.lnk
[2013-07-27 09:29:03 | 000,000,119 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WB.CFG
[2013-07-22 19:18:53 | 000,000,001 | R--- | C] () -- C:\Users\win7\serverport
[2013-06-27 20:47:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\3f203d43423936253926202a20_c
[2013-06-17 07:33:41 | 000,000,005 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WBPU-Q2-TTL.DAT
[2013-06-16 17:29:24 | 000,000,006 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WBPU-TTL.DAT
[2013-05-19 09:45:55 | 000,000,005 | ---- | C] () -- C:\Users\win7\AppData\Roaming\BCT-TTL.DAT
[2013-04-03 11:10:39 | 000,003,072 | ---- | C] () -- C:\Users\win7\AppData\Roaming\Sento - www.naszfotoalbum.pl Prefsv3
[2013-03-02 10:02:19 | 000,163,784 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-03-02 10:02:18 | 000,049,320 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013-03-02 09:42:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-03-02 09:42:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-03-02 09:42:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-03-02 09:42:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-03-02 09:42:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-01-08 23:55:20 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012-01-03 08:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2011-11-28 14:17:02 | 000,061,952 | ---- | C] () -- C:\Users\win7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-10-16 08:09:19 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\abgx360
[2011-09-29 20:07:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Ashampoo
[2013-09-15 16:48:46 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\BabSolution
[2013-04-12 20:15:20 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Babylon
[2013-04-09 22:41:06 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013-10-10 17:40:13 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\DAEMON Tools Lite
[2013-09-15 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Delta
[2011-07-18 17:06:01 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Disney Interactive Studios
[2013-11-15 16:32:22 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Dropbox
[2013-04-12 20:15:23 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\DSite
[2013-06-27 20:42:51 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\eIntaller
[2012-04-20 09:14:01 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Epson
[2013-06-18 07:49:57 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\File Scout
[2012-05-19 10:54:34 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Gadu-Gadu 10
[2012-01-08 11:18:32 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\ImgBurn
[2013-05-03 15:22:06 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\NapiProjekt
[2013-10-10 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\ObviousIdea
[2013-04-03 11:10:31 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Sento - www.naszfotoalbum.pl
[2013-06-27 20:47:11 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\SimilarSites
[2013-03-15 22:15:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-10-17 12:02:32 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\systweak
[2013-11-15 16:40:55 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\uTorrent
[2013-04-12 20:15:29 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Video Converter Packages
[2011-07-11 14:32:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Win7codecs
[2013-09-26 06:35:36 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\WinZipper
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:BF39277E4C46191D

< End of report >

 

[/log]

 

 

Extras.txt

[log]

OTL Extras logfile created on: 2013-11-15 16:38:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,49 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 69,68% Memory free
6,98 Gb Paging File | 5,82 Gb Available in Paging File | 83,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 196,46 Gb Free Space | 67,08% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 107,53 Gb Free Space | 33,68% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 201,05 Gb Free Space | 62,97% Space Free | Partition Type: NTFS
Drive N: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 3,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WIN7-KOMPUTER | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\win7\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [Bridge] -- D:\Photoshop nowy\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [ChomikBox.Upload] -- "C:\Program Files\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F16E56A0-E092-49A5-9216-D24A8D1830EE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{26ABD3FB-85DB-470D-85BE-1AB89F9BFE0B}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{38D99781-7464-476F-A55F-F889883A73B5}" = protocol=6 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"{5359A2FB-F973-4466-A34A-B1D251607C28}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{62D0899F-A988-42C7-967A-8B73C98760A0}" = protocol=17 | dir=in | app=c:\users\win7\desktop\sweetimsetup.exe |
"{6B569E22-B151-4289-829D-49796699ABA8}" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"{90BA0263-8902-4EDC-9DBD-7AF9C8ADA635}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9D0BB421-9EB0-4F3B-A940-928ACF5F9810}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B1FB9D1D-127B-4405-A257-1590E2F74A43}" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"{B348005D-88C2-49C5-975A-00C9522E447B}" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\utorrent\utorrent.exe |
"{C394DF30-CC52-4C85-9EF3-6BD2B1770411}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DDF4B310-578F-403D-9458-CCFC9F10DEEA}" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\utorrent\utorrent.exe |
"{E53BD6A9-7CB9-4EE6-9A2A-5D6508833DEB}" = dir=in | app=c:\program files\namco bandai games\darksouls\darksouls.exe |
"{EBF302C3-9182-4E30-972D-A440740C54E5}" = protocol=6 | dir=in | app=c:\users\win7\desktop\sweetimsetup.exe |
"{FCB7E3AF-0255-4F19-823D-E47FC9FF7615}" = protocol=17 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"TCP Query User{0943A747-8C5F-4D2F-9D27-33034EB9218A}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{1E0FA550-FD2B-42D2-92ED-E1C14A20D753}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{2F87C407-45C0-4C10-A63D-F16219EA3808}D:\row\runes of magic\client.exe" = protocol=6 | dir=in | app=d:\row\runes of magic\client.exe |
"TCP Query User{30993DAA-160D-4512-A7D5-8ABBB96340CE}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{3791595B-56E5-42AF-9C4A-7F7CCAFA661A}C:\program files\jivexdv\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jivexdv\jre\bin\javaw.exe |
"TCP Query User{8D25D392-032A-4F53-8C6A-F8AEAFCAB7EA}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{A75622AE-3ED7-410D-A05D-A1EBB1733F60}F:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=f:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{D54AD450-147C-4823-80EE-7FEC8D27AB31}D:\gry\wiedzmin 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"TCP Query User{FA8B48C2-2913-46B7-87C1-1D6BB24E6AD0}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{167D3F84-FE84-41B3-82FB-DD99593710F6}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{20F1E228-8ABE-4F08-95E5-7961EAC3DE56}C:\program files\jivexdv\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jivexdv\jre\bin\javaw.exe |
"UDP Query User{481737D7-6B04-4368-8FD7-29C3BB1FA5ED}D:\row\runes of magic\client.exe" = protocol=17 | dir=in | app=d:\row\runes of magic\client.exe |
"UDP Query User{A5C81A82-9327-4AD1-87A3-373ECBC73E1A}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D7A0C3E6-7AD3-4CB8-992D-0469140C3339}D:\gry\wiedzmin 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"UDP Query User{E06AB2BF-F2C1-4B31-A05F-7A5E9446A296}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{EB8C884B-E153-483B-8886-3649BB61545A}F:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=f:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{F1138549-81F9-4050-8CE4-A43678455644}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{FB71B139-1E91-4B9E-A622-E2780FE723A3}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1808A2AC-DB66-6B80-9340-F6476390CB18}" = AMD Drag and Drop Transcoding
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{2365558E-D15A-D3DA-67E5-4B67FAB71280}" = CCC Help English
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FD94CB-D8E8-E05F-B076-D8F8566A29D6}" = Catalyst Control Center InstallProxy
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.5
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{91140000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.8.1 "Legend"
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter(TM) i więzień Azkabanu
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A82B4C95-7E11-2367-6DD3-89CD06D2DD05}" = AMD Catalyst Install Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41DF3CA-5F40-DB8C-D747-DC68BC2010D8}" = Catalyst Control Center
"{C46640C0-93FE-4CD7-8B5E-EB0E92C4C2C9}" = Adobe Photoshop Lightroom 3.4.1
"{C49F8E1C-0BAE-4836-A670-AE76BA32BE90}" = ChomikBox
"{C5B09388-4614-A43E-9835-1D362E26A22C}" = AMD Media Foundation Decoders
"{C60E04B9-95FA-4768-BFAE-6DE8FA3B6EAE}_is1" = Pixu wersja 2.6
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D872D294-5E06-2C4B-B2F5-D3E19F097917}" = ccc-utility
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF57E946-4885-4EEA-A958-D5F82CB21B99}" = DesignPro 5
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.4.2.0
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F48A622B-DC1D-79A5-380D-29C6493B6987}" = Catalyst Control Center Graphics Previews Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"abgx360" = abgx360 v1.0.6
"AbiWord2" = AbiWord 2.8.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Applian FLV Player2.0.24" = Applian FLV Player
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.15
"avast" = avast! Free Antivirus
"BasicServe" = BasicServe 1.0 build 117
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CRMCH" = Crazy Machines
"DAEMON Tools Lite" = DAEMON Tools Lite
"delta" = Delta toolbar 
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"DiVapton" = DiVapton 1.0.0
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"EPSON SX125 Series Manual" = EPSON SX125 Series Podręcznik
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"Google Chrome" = Google Chrome
"InstallShield_{DF57E946-4885-4EEA-A958-D5F82CB21B99}" = DesignPro 5
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"JiveX [dv] Viewer 4.5" = JiveX [dv] Viewer 4.5
"Metin2_is1" = Metin2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.1.0.2287)
"Of Orcs And Men_is1" = Of Orcs And Men
"Office14.POWERPOINTR" = Microsoft PowerPoint 2010 dla Użytkowników Domowych i Uczniów
"PowerISO" = PowerISO
"RealAlt_is1" = Real Alternative 1.8.0
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"WinZipper" = WinZipper
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"DSite" = Update for Word Viewer
"Polska lokalizacja Adobe Lightroom 3.4" = Polska lokalizacja Adobe Lightroom 3.4
"Sento - www.naszfotoalbum.pl" = Sento - www.naszfotoalbum.pl
"Video Converter Packages" = Video Converter Packages
"Winamp Detect" = Detektor Winampa
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2013-08-07 03:46:14 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-07 04:03:53 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x1204  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93423849f5f5  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: e6695d96-ff37-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:08:41 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x11dc  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce9344c93517f3  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 920f17d8-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:09:03 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x149c  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93455d24dd3a  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 9eb6c8ad-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:09:18 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x514  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93456408b8e5  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: a7df741b-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:09:23 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x4e8  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93456b7b6721  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: aac62171-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:10:40 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x1208  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93456f38504f  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: d893dbf7-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:10:44 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0xdf8  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce93459c04f637  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: db5211e7-ff38-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:12:04 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0xc80  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce9345a894d949  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 0ad3683f-ff39-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:12:10 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x11e8  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce9345cf39b03c  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 0e9e99af-ff39-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 04:12:38 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0xda0  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce9345d39d39bd  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 1f4378d9-ff39-11e2-b034-1c6f65d98d40
 
Error - 2013-08-07 10:46:37 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 2012-03-29 05:46:51 | Computer Name = win7-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5765
 seconds with 1980 seconds of active time.  This session ended with a crash.
 
Error - 2012-06-12 04:42:16 | Computer Name = win7-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1899
 seconds with 1080 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2013-11-15 07:20:43 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7038
Description = Usługa lmhosts nie może zalogować się jako NT AUTHORITY\LocalService
 za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:   %%1352    Aby
 upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w
 programie Microsoft Management Console (MMC).
 
Error - 2013-11-15 07:20:43 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Pomoc TCP/IP NetBIOS z powodu następującego
 błędu:   %%1069
 
Error - 2013-11-15 07:37:45 | Computer Name = win7-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
 modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 
 
Error - 2013-11-15 07:39:12 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.
 
Error - 2013-11-15 07:39:28 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Adobe Flash Player Update Service z powodu
 następującego błędu:   %%2
 
Error - 2013-11-15 07:44:40 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Usług systemu Windows buforowania czcionek zawiesiła się podczas
 uruchamiania.
 
Error - 2013-11-15 10:10:22 | Computer Name = win7-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:24:20 na ?2013-?11-?15 było
nieoczekiwane.
 
Error - 2013-11-15 10:11:52 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.
 
Error - 2013-11-15 10:11:53 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Adobe Flash Player Update Service z powodu
 następującego błędu:   %%2
 
Error - 2013-11-15 11:31:55 | Computer Name = win7-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
 modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 
 
 
< End of report >
[/log]

 

Mam nadzieję że o to chodziło...

Zayfi
komentarz
komentarz

Na poczatek odinstaluj z panelu programów

BitGuard
Delta Chrome Toolbar
Delta toolbar

oraz starego Adobe Flash Player 10 Plugin.

 

2. Pobierz AdwCleaner > wykonaj nim skan a nastepnie zastosuj opcję Usuń.

 

http://general-changelog-team.fr/outils/289-adwcleaner

 

 

3. Zrób nowy skan OTL i daj raport.

Majorka636
komentarz
komentarz (edytowane)

otl.txt

[log]

OTL logfile created on: 2013-11-15 17:25:22 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,49 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 70,28% Memory free
6,98 Gb Paging File | 5,68 Gb Available in Paging File | 81,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 196,47 Gb Free Space | 67,08% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 107,53 Gb Free Space | 33,68% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 201,05 Gb Free Space | 62,97% Space Free | Partition Type: NTFS
Drive N: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 3,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WIN7-KOMPUTER | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-11-15 16:34:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.com
PRC - [2013-11-13 14:41:05 | 000,066,328 | ---- | M] () -- C:\Program Files\DiVapton\updateDiVapton.exe
PRC - [2013-11-13 08:42:06 | 000,066,328 | ---- | M] () -- C:\Program Files\DiVapton\bin\utilDiVapton.exe
PRC - [2013-05-25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\win7\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-05-03 15:06:08 | 001,040,720 | ---- | M] (BitTorrent Inc.) -- C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-02-28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-02-28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-15 04:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011-07-28 22:35:52 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 22:35:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-11-20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010-07-12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-12-03 09:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2005-05-19 14:47:36 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-03-13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012-11-14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011-07-28 16:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-02-04 15:36:39 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2011-02-04 15:36:36 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-20 22:56:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\30b1d86571495ea86b9a19b13498aad3\WindowsFormsIntegration.ni.dll
MOD - [2010-11-20 22:52:53 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll
MOD - [2010-11-20 22:52:49 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2010-11-20 22:52:40 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2010-11-20 22:52:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010-11-20 22:52:23 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2010-11-20 22:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-20 22:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-20 22:52:01 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ab8ac659d9525c6a0cd22c6f3734862f\UIAutomationProvider.ni.dll
MOD - [2010-11-20 22:52:00 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2010-11-20 22:50:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010-11-20 22:50:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010-11-20 22:50:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010-11-20 22:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010-11-20 22:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\BasicServe\basicstarter.exe C:\Program Files\BasicServe\basicserve.dll toritarahu nahuwevuco -- (BasicServe Service)
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-13 14:41:05 | 000,066,328 | ---- | M] () [Auto | Running] -- C:\Program Files\DiVapton\updateDiVapton.exe -- (Update DiVapton)
SRV - [2013-11-13 08:42:06 | 000,066,328 | ---- | M] () [Auto | Running] -- C:\Program Files\DiVapton\bin\utilDiVapton.exe -- (Util DiVapton)
SRV - [2013-05-11 23:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-07-28 22:35:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010-11-11 13:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\win7\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013-10-10 17:33:00 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-02-28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013-02-28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013-02-28 09:36:37 | 000,163,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-02-28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-02-28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013-02-28 09:36:36 | 000,060,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013-02-28 09:36:36 | 000,049,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-02-28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-11-15 04:50:16 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011-07-28 23:22:04 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 21:53:46 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-06 23:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-01-26 07:06:06 | 000,032,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2011-01-26 07:06:04 | 000,052,224 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011-01-10 17:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-09-21 08:59:02 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-01-05 18:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSERVE117&sp=&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSERVE117&sp=&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No CLSID value found
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvlink1&sp=&keywords={searchTerms}
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_plPL527
IE - HKU\S-1-5-21-202326688-854497164-2879383923-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage:
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-02 10:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013-05-29 22:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Extensions
[2013-11-15 17:06:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (BargainJoy) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\{74fa6b20-2ae6-4584-a4fd-4ac734f8d210}
[2013-09-24 09:15:34 | 000,000,000 | ---D | M] (Coupons Malibu) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\{8850f748-e69b-42ff-a449-7ad3cf153bcc}
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (InfoBird Pro) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\addon@infobirdpro.com
[2013-08-13 12:03:53 | 000,000,000 | ---D | M] (My Movie Magnet) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\admin@mymoviemagnet.com
[2013-10-10 17:34:34 | 000,000,000 | ---D | M] (DiVapton) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\firefox@divapton.biz
[2013-09-12 11:08:45 | 000,000,000 | ---D | M] (Real Summer Sale) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\realsummersale1@realsummersale.com
[2013-06-27 20:47:25 | 000,000,000 | ---D | M] (ObviousIdea Addon) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\toolbarbutton@obviousidea.us
[2013-07-01 16:23:28 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\ihul856i.default\Extensions\WebSiteRecommendation@weliketheweb.com
[2013-06-27 20:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profilesihul856i.default\extensions
[2013-06-27 20:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profilesihul856i.default\extensions\staged
[2013-10-01 02:04:52 | 000,007,216 | ---- | M] () (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\firefox\profiles\ihul856i.default\Extensions\firefox@divapton.biz.xpi
[2013-04-12 20:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-11-14 07:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-11-14 07:24:47 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013-05-29 22:01:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\WIN7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHUL856I.DEFAULT\EXTENSIONS\FFXTLBR@DELTA.COM
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmfpfjjciophcbhnhnpbadhmdmfgceic\1.0.0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnefekibahpibgnllfjpckodgobkpije\2.0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013-03-02 09:45:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DiVapton) - {3bf42771-1b8a-4910-b3dc-eb330e40020a} - C:\Program Files\DiVapton\DiVaptonBHO.dll (DiVapton)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [uTorrent] C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\win7\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B59FE838-5F07-4D17-9C2E-0212BFFB15E6}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7727230-7CB8-46BE-9318-5830C268E833}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-07-24 23:31:31 | 000,020,542 | R--- | M] () - N:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2011-03-31 10:21:38 | 000,000,047 | R--- | M] () - N:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013-01-09 13:47:07 | 000,000,040 | R--- | M] () - O:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013-11-15 17:12:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013-11-13 21:21:09 | 000,000,000 | ---D | C] -- C:\Users\win7\Desktop\sesje Julcik
[2013-10-17 15:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2013-10-17 15:42:18 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\Of Orcs and Men
[2013-10-17 15:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
[2013-10-17 15:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Focus Home Interactive
[2013-10-17 12:06:23 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\3DMark 11
[2013-10-17 12:06:05 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\IsolatedStorage
[2013-10-17 12:06:05 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\Futuremark_Corporation
[2013-10-17 12:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2013-10-17 12:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2013-10-17 12:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
 
========== Files - Modified Within 30 Days ==========
 
[2013-11-15 17:26:23 | 000,021,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-11-15 17:26:23 | 000,021,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-11-15 17:15:31 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-11-15 17:15:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-11-15 17:14:58 | 2811,682,816 | -HS- | M] () -- C:\hiberfil.sys
[2013-11-15 17:13:51 | 000,001,118 | ---- | M] () -- C:\Users\win7\Desktop\Internet Explorer.lnk
[2013-11-15 17:13:51 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-11-15 16:35:54 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-11-15 09:29:03 | 000,000,119 | ---- | M] () -- C:\Users\win7\AppData\Roaming\WB.CFG
[2013-11-15 09:29:03 | 000,000,006 | ---- | M] () -- C:\Users\win7\AppData\Roaming\WBPU-TTL.DAT
[2013-11-14 07:30:02 | 006,131,988 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-11-14 07:30:02 | 002,509,124 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-11-14 07:30:02 | 001,982,260 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-11-14 07:30:02 | 001,884,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-11-13 22:56:35 | 000,260,452 | ---- | M] () -- C:\Users\win7\Desktop\christmas-snow-background.jpg
[2013-11-13 22:56:06 | 000,256,789 | ---- | M] () -- C:\Users\win7\Desktop\preview.jpg
[2013-11-13 22:55:45 | 000,455,072 | ---- | M] () -- C:\Users\win7\Desktop\retro-snowflake-paper.jpg
[2013-11-13 22:52:34 | 004,600,054 | ---- | M] () -- C:\Users\win7\Desktop\untitled11.bmp
[2013-11-13 22:44:22 | 000,570,012 | ---- | M] () -- C:\Users\win7\Desktop\depositphotos_4283371-Seamless-elegant-christmas-texture-pattern_-EPS-8.jpg
[2013-11-13 22:44:03 | 000,014,808 | ---- | M] () -- C:\Users\win7\Desktop\imagesCAPYGC2O.jpg
[2013-11-13 21:41:36 | 005,760,054 | ---- | M] () -- C:\Users\win7\Desktop\untitled.bmp
[2013-11-13 21:40:31 | 000,107,766 | ---- | M] () -- C:\Users\win7\Desktop\purple-fabric-with-floral-pattern-texture-600x400.jpg
[2013-11-13 21:38:43 | 000,078,229 | ---- | M] () -- C:\Users\win7\Desktop\fst_728xnrmkpta.jpg
[2013-11-13 19:29:10 | 000,591,711 | ---- | M] () -- C:\Users\win7\Desktop\czarny.jpg
[2013-11-13 18:28:55 | 000,133,194 | ---- | M] () -- C:\Users\win7\Desktop\2mdo2n4.png
[2013-11-13 18:28:17 | 000,175,737 | ---- | M] () -- C:\Users\win7\Desktop\226586__attrition-pattern-dark-background-texture_p.jpg
[2013-11-13 18:27:30 | 000,337,252 | ---- | M] () -- C:\Users\win7\Desktop\2687_18_05_09_6_09_04_1.png
[2013-11-13 18:25:39 | 000,015,608 | ---- | M] () -- C:\Users\win7\Desktop\hihix.jpg
[2013-11-13 18:20:42 | 000,079,003 | ---- | M] () -- C:\Users\win7\Desktop\Sparkles_by_Ermenelwen.jpg
[2013-10-17 15:30:00 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\Of Orcs And Men.lnk
 
========== Files Created - No Company Name ==========
 
[2013-11-13 22:56:38 | 000,260,452 | ---- | C] () -- C:\Users\win7\Desktop\christmas-snow-background.jpg
[2013-11-13 22:56:10 | 000,256,789 | ---- | C] () -- C:\Users\win7\Desktop\preview.jpg
[2013-11-13 22:55:49 | 000,455,072 | ---- | C] () -- C:\Users\win7\Desktop\retro-snowflake-paper.jpg
[2013-11-13 22:52:34 | 004,600,054 | ---- | C] () -- C:\Users\win7\Desktop\untitled11.bmp
[2013-11-13 22:49:45 | 000,014,808 | ---- | C] () -- C:\Users\win7\Desktop\imagesCAPYGC2O.jpg
[2013-11-13 22:45:42 | 000,570,012 | ---- | C] () -- C:\Users\win7\Desktop\depositphotos_4283371-Seamless-elegant-christmas-texture-pattern_-EPS-8.jpg
[2013-11-13 21:41:36 | 005,760,054 | ---- | C] () -- C:\Users\win7\Desktop\untitled.bmp
[2013-11-13 21:40:38 | 000,107,766 | ---- | C] () -- C:\Users\win7\Desktop\purple-fabric-with-floral-pattern-texture-600x400.jpg
[2013-11-13 21:38:52 | 000,078,229 | ---- | C] () -- C:\Users\win7\Desktop\fst_728xnrmkpta.jpg
[2013-11-13 19:29:07 | 000,591,711 | ---- | C] () -- C:\Users\win7\Desktop\czarny.jpg
[2013-11-13 18:29:06 | 000,133,194 | ---- | C] () -- C:\Users\win7\Desktop\2mdo2n4.png
[2013-11-13 18:28:24 | 000,175,737 | ---- | C] () -- C:\Users\win7\Desktop\226586__attrition-pattern-dark-background-texture_p.jpg
[2013-11-13 18:27:39 | 000,337,252 | ---- | C] () -- C:\Users\win7\Desktop\2687_18_05_09_6_09_04_1.png
[2013-11-13 18:25:43 | 000,015,608 | ---- | C] () -- C:\Users\win7\Desktop\hihix.jpg
[2013-11-13 18:20:48 | 000,079,003 | ---- | C] () -- C:\Users\win7\Desktop\Sparkles_by_Ermenelwen.jpg
[2013-10-17 15:30:00 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\Of Orcs And Men.lnk
[2013-07-27 09:29:03 | 000,000,119 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WB.CFG
[2013-07-22 19:18:53 | 000,000,001 | R--- | C] () -- C:\Users\win7\serverport
[2013-06-27 20:47:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\3f203d43423936253926202a20_c
[2013-06-17 07:33:41 | 000,000,005 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WBPU-Q2-TTL.DAT
[2013-06-16 17:29:24 | 000,000,006 | ---- | C] () -- C:\Users\win7\AppData\Roaming\WBPU-TTL.DAT
[2013-05-19 09:45:55 | 000,000,005 | ---- | C] () -- C:\Users\win7\AppData\Roaming\BCT-TTL.DAT
[2013-04-03 11:10:39 | 000,003,072 | ---- | C] () -- C:\Users\win7\AppData\Roaming\Sento - www.naszfotoalbum.pl Prefsv3
[2013-03-02 10:02:19 | 000,163,784 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-03-02 10:02:18 | 000,049,320 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013-03-02 09:42:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-03-02 09:42:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-03-02 09:42:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-03-02 09:42:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-03-02 09:42:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-01-08 23:55:20 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012-01-03 08:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2011-11-28 14:17:02 | 000,061,952 | ---- | C] () -- C:\Users\win7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-10-16 08:09:19 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\abgx360
[2011-09-29 20:07:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Ashampoo
[2013-04-09 22:41:06 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013-10-10 17:40:13 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\DAEMON Tools Lite
[2011-07-18 17:06:01 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Disney Interactive Studios
[2013-11-15 17:16:15 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Dropbox
[2012-04-20 09:14:01 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Epson
[2012-05-19 10:54:34 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Gadu-Gadu 10
[2012-01-08 11:18:32 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\ImgBurn
[2013-05-03 15:22:06 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\NapiProjekt
[2013-10-10 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\ObviousIdea
[2013-04-03 11:10:31 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Sento - www.naszfotoalbum.pl
[2013-03-15 22:15:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-11-15 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\uTorrent
[2013-04-12 20:15:29 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Video Converter Packages
[2011-07-11 14:32:50 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Win7codecs
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:BF39277E4C46191D

< End of report >

[/log]

 

extras.txt

[log]

OTL Extras logfile created on: 2013-11-15 17:25:22 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,49 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 70,28% Memory free
6,98 Gb Paging File | 5,68 Gb Available in Paging File | 81,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 196,47 Gb Free Space | 67,08% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 107,53 Gb Free Space | 33,68% Space Free | Partition Type: NTFS
Drive E: | 319,27 Gb Total Space | 201,05 Gb Free Space | 62,97% Space Free | Partition Type: NTFS
Drive N: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 3,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WIN7-KOMPUTER | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\win7\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- D:\Photoshop nowy\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [ChomikBox.Upload] -- "C:\Program Files\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F16E56A0-E092-49A5-9216-D24A8D1830EE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{26ABD3FB-85DB-470D-85BE-1AB89F9BFE0B}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{38D99781-7464-476F-A55F-F889883A73B5}" = protocol=6 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"{5359A2FB-F973-4466-A34A-B1D251607C28}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{62D0899F-A988-42C7-967A-8B73C98760A0}" = protocol=17 | dir=in | app=c:\users\win7\desktop\sweetimsetup.exe |
"{6B569E22-B151-4289-829D-49796699ABA8}" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"{90BA0263-8902-4EDC-9DBD-7AF9C8ADA635}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9D0BB421-9EB0-4F3B-A940-928ACF5F9810}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B1FB9D1D-127B-4405-A257-1590E2F74A43}" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"{B348005D-88C2-49C5-975A-00C9522E447B}" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\utorrent\utorrent.exe |
"{C394DF30-CC52-4C85-9EF3-6BD2B1770411}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DDF4B310-578F-403D-9458-CCFC9F10DEEA}" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\utorrent\utorrent.exe |
"{E53BD6A9-7CB9-4EE6-9A2A-5D6508833DEB}" = dir=in | app=c:\program files\namco bandai games\darksouls\darksouls.exe |
"{EBF302C3-9182-4E30-972D-A440740C54E5}" = protocol=6 | dir=in | app=c:\users\win7\desktop\sweetimsetup.exe |
"{FCB7E3AF-0255-4F19-823D-E47FC9FF7615}" = protocol=17 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"TCP Query User{0943A747-8C5F-4D2F-9D27-33034EB9218A}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{1E0FA550-FD2B-42D2-92ED-E1C14A20D753}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{2F87C407-45C0-4C10-A63D-F16219EA3808}D:\row\runes of magic\client.exe" = protocol=6 | dir=in | app=d:\row\runes of magic\client.exe |
"TCP Query User{30993DAA-160D-4512-A7D5-8ABBB96340CE}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{3791595B-56E5-42AF-9C4A-7F7CCAFA661A}C:\program files\jivexdv\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jivexdv\jre\bin\javaw.exe |
"TCP Query User{8D25D392-032A-4F53-8C6A-F8AEAFCAB7EA}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{A75622AE-3ED7-410D-A05D-A1EBB1733F60}F:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=f:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{D54AD450-147C-4823-80EE-7FEC8D27AB31}D:\gry\wiedzmin 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"TCP Query User{FA8B48C2-2913-46B7-87C1-1D6BB24E6AD0}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{167D3F84-FE84-41B3-82FB-DD99593710F6}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{20F1E228-8ABE-4F08-95E5-7961EAC3DE56}C:\program files\jivexdv\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jivexdv\jre\bin\javaw.exe |
"UDP Query User{481737D7-6B04-4368-8FD7-29C3BB1FA5ED}D:\row\runes of magic\client.exe" = protocol=17 | dir=in | app=d:\row\runes of magic\client.exe |
"UDP Query User{A5C81A82-9327-4AD1-87A3-373ECBC73E1A}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D7A0C3E6-7AD3-4CB8-992D-0469140C3339}D:\gry\wiedzmin 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\wiedzmin 2\bin\witcher2.exe |
"UDP Query User{E06AB2BF-F2C1-4B31-A05F-7A5E9446A296}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{EB8C884B-E153-483B-8886-3649BB61545A}F:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=f:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{F1138549-81F9-4050-8CE4-A43678455644}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{FB71B139-1E91-4B9E-A622-E2780FE723A3}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1808A2AC-DB66-6B80-9340-F6476390CB18}" = AMD Drag and Drop Transcoding
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{2365558E-D15A-D3DA-67E5-4B67FAB71280}" = CCC Help English
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FD94CB-D8E8-E05F-B076-D8F8566A29D6}" = Catalyst Control Center InstallProxy
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.5
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{91140000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.8.1 "Legend"
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter(TM) i więzień Azkabanu
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A82B4C95-7E11-2367-6DD3-89CD06D2DD05}" = AMD Catalyst Install Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41DF3CA-5F40-DB8C-D747-DC68BC2010D8}" = Catalyst Control Center
"{C46640C0-93FE-4CD7-8B5E-EB0E92C4C2C9}" = Adobe Photoshop Lightroom 3.4.1
"{C49F8E1C-0BAE-4836-A670-AE76BA32BE90}" = ChomikBox
"{C5B09388-4614-A43E-9835-1D362E26A22C}" = AMD Media Foundation Decoders
"{C60E04B9-95FA-4768-BFAE-6DE8FA3B6EAE}_is1" = Pixu wersja 2.6
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D872D294-5E06-2C4B-B2F5-D3E19F097917}" = ccc-utility
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF57E946-4885-4EEA-A958-D5F82CB21B99}" = DesignPro 5
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.4.2.0
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F48A622B-DC1D-79A5-380D-29C6493B6987}" = Catalyst Control Center Graphics Previews Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"abgx360" = abgx360 v1.0.6
"AbiWord2" = AbiWord 2.8.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Applian FLV Player2.0.24" = Applian FLV Player
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.15
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CRMCH" = Crazy Machines
"DAEMON Tools Lite" = DAEMON Tools Lite
"DiVapton" = DiVapton 1.0.0
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"EPSON SX125 Series Manual" = EPSON SX125 Series Podręcznik
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"Google Chrome" = Google Chrome
"InstallShield_{DF57E946-4885-4EEA-A958-D5F82CB21B99}" = DesignPro 5
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"JiveX [dv] Viewer 4.5" = JiveX [dv] Viewer 4.5
"Metin2_is1" = Metin2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.1.0.2287)
"Of Orcs And Men_is1" = Of Orcs And Men
"Office14.POWERPOINTR" = Microsoft PowerPoint 2010 dla Użytkowników Domowych i Uczniów
"PowerISO" = PowerISO
"RealAlt_is1" = Real Alternative 1.8.0
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-202326688-854497164-2879383923-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"DSite" = Update for Word Viewer
"Polska lokalizacja Adobe Lightroom 3.4" = Polska lokalizacja Adobe Lightroom 3.4
"Sento - www.naszfotoalbum.pl" = Sento - www.naszfotoalbum.pl
"Video Converter Packages" = Video Converter Packages
"Winamp Detect" = Detektor Winampa
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2013-08-02 07:04:06 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96e  Kod wyjątku: 0xc0000374  Przesunięcie
 błędu: 0x000c37b7  Identyfikator procesu powodującego błąd: 0x14c0  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce8f6fccaa4edb  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: 3ee97e09-fb63-11e2-a660-1c6f65d98d40
 
Error - 2013-08-02 15:10:47 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-03 02:59:19 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-03 03:23:24 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96e  Kod wyjątku: 0xc0000374  Przesunięcie
 błędu: 0x000c37b7  Identyfikator procesu powodującego błąd: 0x15f0  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce901745f37d43  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: 949b6642-fc0d-11e2-b600-1c6f65d98d40
 
Error - 2013-08-03 05:36:18 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-03 06:07:03 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: Dxtmsft.dll, wersja:
 8.0.7600.16385, sygnatura czasowa: 0x4a5bda10  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x0003346f  Identyfikator procesu powodującego błąd: 0x398  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce903009f88596  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\System32\Dxtmsft.dll  Identyfikator raportu: 719049c2-fc24-11e2-8a37-1c6f65d98d40
 
Error - 2013-08-03 06:07:11 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
 sygnatura czasowa: 0x00000000  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x036500c4
Identyfikator
 procesu powodującego błąd: 0x12a8  Godzina uruchomienia aplikacji powodującej błąd:
 0x01ce903009ea3d55  Ścieżka aplikacji powodującej błąd: C:\Program Files\Internet
 Explorer\iexplore.exe  Ścieżka modułu powodującego błąd: unknown  Identyfikator raportu:
 76152687-fc24-11e2-8a37-1c6f65d98d40
 
Error - 2013-08-03 07:43:18 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-05 14:20:08 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-06 11:26:10 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-06 11:33:39 | Computer Name = win7-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7601.17514,
 sygnatura czasowa: 0x4ce79912  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96e  Kod wyjątku: 0xc0000374  Przesunięcie
 błędu: 0x000c37b7  Identyfikator procesu powodującego błąd: 0x15b0  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce92b97dee2c85  Ścieżka aplikacji powodującej błąd:
 C:\Program Files\Internet Explorer\iexplore.exe  Ścieżka modułu powodującego błąd:
 C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: 908e1229-fead-11e2-8848-1c6f65d98d40
 
Error - 2013-08-07 03:46:14 | Computer Name = win7-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 2012-03-29 05:46:51 | Computer Name = win7-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5765
 seconds with 1980 seconds of active time.  This session ended with a crash.
 
Error - 2012-06-12 04:42:16 | Computer Name = win7-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1899
 seconds with 1080 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2013-11-15 07:39:12 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.
 
Error - 2013-11-15 07:39:28 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Adobe Flash Player Update Service z powodu
 następującego błędu:   %%2
 
Error - 2013-11-15 07:44:40 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Usług systemu Windows buforowania czcionek zawiesiła się podczas
 uruchamiania.
 
Error - 2013-11-15 10:10:22 | Computer Name = win7-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:24:20 na ?2013-?11-?15 było
nieoczekiwane.
 
Error - 2013-11-15 10:11:52 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.
 
Error - 2013-11-15 10:11:53 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Adobe Flash Player Update Service z powodu
 następującego błędu:   %%2
 
Error - 2013-11-15 11:31:55 | Computer Name = win7-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
 modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 
 
Error - 2013-11-15 12:14:14 | Computer Name = win7-Komputer | Source = DCOM | ID = 10010
Description =
 
Error - 2013-11-15 12:15:04 | Computer Name = win7-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
 modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 
 
Error - 2013-11-15 12:15:08 | Computer Name = win7-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Adobe Flash Player Update Service z powodu
 następującego błędu:   %%2
 
 
< End of report >

[/log]
 

  • Rekomendowana odpowiedź
Zayfi
komentarz
komentarz

1. Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\win7\AppData\Local\Temp\catchme.sys -- (catchme)
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-202326688-854497164-2879383923-1000\..\Toolbar\WebBrowser: (no name) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No CLSID value found.
O4 - HKU\S-1-5-21-202326688-854497164-2879383923-1000..\Run: [AdobeBridge]  File not found
@Alternate Data Stream - 24 bytes -> C:\Windows:BF39277E4C46191D

:Commands
[emptytemp]

Kliknij w Wykonaj skrypt

 

 

2. Uruchom AdwCleaner i kliknij Unistall.

 

3. Po wykonaniu punktów 1 i 2 pobierz i zainstaluj IE9 > nie ma znaczenia że nie korzystasz. Sa błedy w dzieniku od tej aplikacji co prawda dość stare, ale inne przegladarki korzystaja z IE.

 

http://windows.microsoft.com/pl-pl/internet-explorer/ie-9-worldwide-languages

 

4. Zaktualizuj Firefoxa, masz starą wersje

"Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl)

5. Zainstaluj najnowsze Adobe Flash Player.

 

6. Czekam na opinie jak funkcjonuje system.

Majorka636
komentarz
komentarz

Działa!

Super i bardzo Ci dziękuję za pomoc :*:*:*

Zayfi
komentarz
komentarz

To teraz pozostaje Ci tylko zmienić zasilacz na markowy. ;)

hazhell
komentarz
komentarz

Wszystkie problemy się skończyły? Aż dziwne, że tylko ten syf spowodował taki spadek wydajności. Sprawdź dysk HD Tune. 

Majorka636
komentarz
komentarz

A markowy to np. jaki? (żeby pasował do mojego zestawu).

 

No na razie się skończyły, ale ten komputer ciągle mnie zaskakuje więc zobaczymy ;)

Co to dysk HD Tune??

hazhell
komentarz
komentarz

Sprawdź dysk twardy programem HD Tune, sprawdzisz SMART oraz czy nie ma bad sectorów. Jak będzie uszkodzony dysk to niestety komputer wraca do sklepu.

 

Markowy to każdy porządnej firmy np. Corsair, Fortron, Chieftec, Seasonic, Be quiet!, XFX itd. Ten Twój obecny to szrot dodawany do obudowy, która też pewnie najwyższych lotów nie jest. Można ryzykować i zostawić ten zasilacz, ale większość wymienia. Ci co nie wymienili jak np. mój brat, który uważał, że markowe zasilacze to marketing i ja głupi nabieram się na ten bełkot, pożegnał 3 karty graficzne i płytę główną zanim przyznał mi racje. Oczywiście osiedlowy cwaniak będzie zachwalał ten zasilacz jako najlepszy z możliwych, a jak coś się uszkodzi to powie, że komputer działał w czasie burzy. Takie były odzywki w latach 90 jak jeszcze nie było UOKiK. Ciesz się, że nic nie zapłaciłaś jeszcze. Bo ludzie często płacą, mimo że mają gwarancje, ale osiedlowy cwaniak opowiada historie typu, że ma pani nielegalnego windowsa czy mp3 i gwarancja nie obowiązuje już na nic.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.