Windows 7 i spowolniony start

**Posty:** 370 · przez **bracik1977** 03 Lip 2012, 21:12

Witam i posiadam laptopa sony ze systemem Windows 7 i czy to jest normalne jak zalacze laptopa zamula mi go i nie moge wtedy programu albo przegladarke otworzyc i tak jest zakazdym razem trwa to okolo 10 minut. Co mam z tym zrobic .

Dodano 03.07.2012 21:30:08:
A to jest logo z OTL

Kod: Zaznacz wszystko: OTL Extras logfile created on: 03.07.2012 22:19:12 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,65% Memory free 11,59 Gb Paging File | 9,22 Gb Available in Paging File | 79,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,32 Gb Total Space | 96,52 Gb Free Space | 21,34% Space Free | Partition Type: NTFS Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04F8C9BF-B5C4-447B-8941-778DA6AED26F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2511794A-A2A6-4CCE-9DF7-7A2A9773A314}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{61B1F016-3566-4636-9BF0-861204FE4C87}" = rport=137 | protocol=17 | dir=out | app=system | "{96D7ED9C-396D-4694-8F87-6539D9691DD4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{9E783B35-F375-4ADC-84A5-0DD5A990B5F3}" = rport=445 | protocol=6 | dir=out | app=system | "{AA679C00-CD17-402A-9A2F-DA65E5EF1990}" = lport=139 | protocol=6 | dir=in | app=system | "{AE788829-0D33-4024-AEA1-5C1BC5136470}" = lport=2869 | protocol=6 | dir=in | app=system | "{AE7B00D7-2A80-41BB-BC62-12E1B067F9D8}" = lport=445 | protocol=6 | dir=in | app=system | "{B5BDF66A-3D14-4951-ABC5-CEFB9EADF3BC}" = rport=139 | protocol=6 | dir=out | app=system | "{B896DD2B-3B48-4595-9447-479A1DC277E1}" = lport=138 | protocol=17 | dir=in | app=system | "{C0D4EA05-69A1-49D9-8569-03864C8DDEC0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C4D08C98-6FC5-47FD-AC34-26052AB14BC2}" = rport=138 | protocol=17 | dir=out | app=system | "{DEBF61CC-75D1-4920-90B3-07108DF171C6}" = lport=137 | protocol=17 | dir=in | app=system | "{FFE2E089-420C-457B-A3E6-40FF5FBBD71F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0BBA2FDD-47A3-40E2-8385-06C31574B7B2}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe | "{0F53EDA4-5BA6-47DA-B55D-BB0346F5EBE1}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe | "{13B71459-1FD3-4147-84FE-30D42912F946}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1E71CD3C-2050-415F-B5CA-74C2F0623E33}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{2238CA2B-1000-4BD3-BE31-A67C15FE2329}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{32570F13-1C89-4AEC-ABCF-596E9E78D304}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{331EADBA-A26C-4E69-AE2E-121B3B4DF1E1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{4EF139B5-2FE1-4E5A-B438-B96F2C2CF044}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | "{5D600F3A-D3C7-4F1C-9922-2153E46CFA73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6F4A14D5-2D1F-416B-A984-316F8F51BD54}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | "{6FE90723-25BD-4BCF-968C-94209C18564D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{939E27AD-57B7-4A2F-8EA7-B59752D4C23B}" = protocol=6 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe | "{95863229-C3F8-489E-BC73-DE563F7094E7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | "{9659929B-1BF6-4A79-8B3B-867F08B43CDF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{975BA926-F4C8-40CE-9BDB-B5E668D1CECC}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | "{9D78ECB6-6EF8-4AED-ADCE-10D51FAD6392}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{BC612040-FF14-4A17-B9C8-A917B81C7809}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{BC731A4A-1930-407A-9456-3072E42D37F4}" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "{C32141FD-9BAF-45CD-A16A-75A0197043ED}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | "{C63B85B4-7D56-4112-AA3E-3457D6CB0A9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | "{CF5B9B28-8D6B-4088-88E8-EDCA25D1819B}" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "{D277B40D-2A70-4AE7-B6AE-470102752B35}" = protocol=17 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe | "{D38E5C1C-A7E5-45CE-B803-4D99038323EE}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe | "{E7A833E6-010F-4498-B1C6-9259F63821DD}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{F0D57DB4-DC0D-4EF9-ADF5-469A69FB8C06}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | "{F17BCD72-4FD5-4E85-88C1-10F326172745}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | "{F9E294DD-A887-4BCD-BF22-4F65EF85056A}" = dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe | "TCP Query User{9B7D0CC7-A31C-4F97-A102-2C6AB0421ECF}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | "TCP Query User{B55C3A48-CEA2-4489-9907-8C701880B732}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{2CFB0FFA-6846-40DC-864C-FFEE70F4D201}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{BBF0278F-2B2D-4D38-896E-9917DE1FA45F}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery "{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64 "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in "{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery "{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64 "{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64 "{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus "{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager "{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus "{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists "{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care "{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX "{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3 "{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}" = Janosch Vorschule "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish "{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide "{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French "{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese "{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0 "{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus "{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen "{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian "{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3 "{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard "{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = "{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool "{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = "{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = PhotoMizer "{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0 "{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = "{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus "{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian "{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding "{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = "{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish "{C8BCC14C-2807-4C2D-A659-843427BF82E2}" = TopSecret Biometrics Components "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86 "{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common "{D5E409E8-3AF3-4B19-A291-E27AECC905B3}" = Janosch Vorschule Englisch "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch "{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish "{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish "{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai "{ED1674F5-5165-49BF-B546-AE5343111540}" = WebCam "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static "{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian "{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All "{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "Any Video Converter_is1" = Any Video Converter 3.3.3 "Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9 "BlazeDTV 6.0_is1" = BlazeDTV 6.0 "FastStone Image Viewer" = FastStone Image Viewer 4.4 "Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1 "IncrediMail" = IncrediMail 2.0 "InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide "InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0 "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "LHTTSGED" = L&H TTS3000 Deutsch "Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl) "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "PremElem80" = Adobe Premiere Elements 8.0 "Revo Uninstaller" = Revo Uninstaller 1.94 "splashtop" = VAIO Quick Web Access "TC UP" = Total Commander Ultima Prime 4.7.0.0 "VAIO Help and Support" = "VAIO screensaver" = VAIO screensaver "Windows Searchqu Toolbar" = Windows Searchqu Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 01.10.2011 07:22:08 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.10.2011 18:32:18 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.10.2011 18:33:37 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 05.10.2011 11:27:46 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960, Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00025c43 ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 92d9388b-ef66-11e0-bfa7-c0cb38f2c74e Error - 05.10.2011 11:27:53 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960, Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850, Zeitstempel: 0x4e211485 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 9762541b-ef66-11e0-bfa7-c0cb38f2c74e Error - 05.10.2011 11:28:23 | Computer Name = ADA-VAIO | Source = Application Hang | ID = 1002 Description = Programm IncMail.exe, Version 6.2.8.4960 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1860 Startzeit: 01cc83735c102d24 Endzeit: 29 Anwendungspfad: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Berichts-ID: a688b966-ef66-11e0-bfa7-c0cb38f2c74e Error - 06.10.2011 10:15:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 06.10.2011 10:16:47 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.10.2011 05:52:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.10.2011 05:53:31 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. [ Media Center Events ] Error - 31.01.2011 15:53:09 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0 Description = 20:53:08 - Directory konnte nicht abgerufen werden (Fehler: Der Remotename konnte nicht aufgelöst werden: 'data.tvdownload.microsoft.com') Error - 31.01.2011 15:53:28 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0 Description = 20:53:17 - Fehler beim Herstellen der Internetverbindung. 20:53:17 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 02.07.2012 23:18:25 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VD_FileDisk Error - 03.07.2012 11:30:09 | Computer Name = ADA-VAIO | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 03.07.2012 11:31:09 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 03.07.2012 11:31:32 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VD_FileDisk Error - 03.07.2012 11:35:51 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7022 Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet. Error - 03.07.2012 11:38:11 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Intel(R) Management & Security Application User Notification Service" wurde nicht richtig gestartet. Error - 03.07.2012 11:38:59 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SampleCollector erreicht. Error - 03.07.2012 11:39:29 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst VSNService erreicht. Error - 03.07.2012 14:13:30 | Computer Name = ADA-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.129.902.0) Error - 03.07.2012 14:24:08 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7034 Description = Dienst "VAIO Care Performance Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. < End of report >

Kod: Zaznacz wszystko: OTL logfile created on: 03.07.2012 22:19:11 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,65% Memory free 11,59 Gb Paging File | 9,22 Gb Available in Paging File | 79,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,32 Gb Total Space | 96,52 Gb Free Space | 21,34% Space Free | Partition Type: NTFS Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012.07.03 22:15:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\ADA\Downloads\OTL.com PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe PRC - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe PRC - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe PRC - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012.06.28 12:28:56 | 000,438,296 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll MOD - [2012.06.28 12:28:54 | 003,972,120 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll MOD - [2012.06.28 12:27:40 | 000,554,520 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll MOD - [2012.06.28 12:27:38 | 000,117,784 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll MOD - [2012.06.28 12:27:29 | 000,140,328 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll MOD - [2012.06.28 12:27:28 | 000,262,184 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll MOD - [2012.06.28 12:27:26 | 002,386,984 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll MOD - [2012.06.28 10:27:26 | 009,252,040 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll MOD - [2012.06.28 10:27:26 | 009,252,040 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\APPLIC~1\200113~1.47\gcswf32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2010.08.19 18:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Programme\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64) Cyberlink RichVideo64 Service(CRVS) SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.07.29 13:22:44 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR) SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011.10.14 14:35:50 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA) DRV:[b]64bit:[/b] - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b]64bit:[/b] - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:[b]64bit:[/b] - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:[b]64bit:[/b] - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2010.05.31 23:31:21 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2010.04.29 12:20:20 | 000,182,912 | ---- | M] (Etron) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETdrv.sys -- (usbet) DRV:[b]64bit:[/b] - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:[b]64bit:[/b] - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:[b]64bit:[/b] - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64) DRV:[b]64bit:[/b] - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\vd_filedisk.sys -- (VD_FileDisk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{08BE6EE1-8079-47C9-A38A-75478049A4DD}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcearchTerms}&rf=sonyslices IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6E1C308D-3DF5-48A3-819A-5F93D048AF7F}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{7345481F-7D5C-4F1F-B5B8-65E3A33378A0}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-W1&o=100000080&src=crm&q={searchTerms}&locale=&apn_ptnrs=JM&apn_dtid=YYYYYYYYDE&apn_uid=b74a7517-8d27-4ba1-ac99-eb5e60f2a890&apn_sauid=2757DB68-7B85-4BAB-848E-CA99B4442FEE& IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8559D8B2-251B-42ED-8273-4C12CD1E5B98}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8EA3CDFF-2737-4D7C-82D4-307ECCF20F7B}: "URL" = http://start.funmoods.com/results.php?f=4&a=make&q={searchTerms} IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{97D9E0FC-6DC0-4316-B570-BC0C58C90222}: "URL" = http://de.shopping.com/?linkin_id=8056363 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms} IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=128" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&sr=0&q=" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.02.01 14:23:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.13 18:16:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.02 20:16:37 | 000,000,000 | ---D | M] [2012.02.09 18:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Extensions [2012.06.16 20:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions [2012.02.09 18:15:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011.07.03 17:45:05 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012.02.03 10:31:23 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com [2011.11.09 17:05:26 | 000,002,406 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\askcom.xml [2012.02.01 14:23:14 | 000,001,798 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\funmoods.xml [2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\Search_Results.xml [2012.02.04 22:10:54 | 000,003,915 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\sweetim.xml [2012.07.02 23:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.05.16 19:01:05 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2012.05.23 19:28:04 | 000,061,109 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI [2012.01.10 22:52:44 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.01.13 18:16:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.31 06:57:31 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011.10.31 06:57:31 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011.10.31 06:57:31 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011.10.31 06:57:31 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2011.10.31 06:57:31 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011.10.31 06:57:31 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Search Results (Enabled) CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=0&systemid=421&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_1\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Unity Player (Enabled) = C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Google Update (Enabled) = C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\ CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-293356991-225826379-2249491693-1000..\RunOnce: [JavaInstallRetry] C:\Users\ADA\AppData\LocalLow\Sun\Java\JRERunOnce.exe (Oracle Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll (Bandoo Media, inc) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2007.09.26 07:00:00 | 000,000,064 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010.07.14 12:36:42 | 000,103,816 | R--- | M] (CANON INC.) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012.07.02 21:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon [2012.07.02 21:37:22 | 000,000,000 | ---D | C] -- C:\canon_downloads [2012.07.02 21:19:10 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.02 20:16:37 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.06.23 07:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Gigaset QuickSync [2012.06.23 07:49:38 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Local\Gigaset_Communications_Gm [2012.06.23 07:48:51 | 000,054,272 | ---- | C] (Siemens Home and Office Communication Devices GmbH & Co. KG) -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys [2012.06.23 07:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync [2012.06.23 07:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigaset QuickSync [2012.06.21 17:41:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.21 17:41:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.21 17:41:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.21 17:40:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.21 17:40:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.21 17:40:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.21 17:39:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.21 17:39:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.14 16:52:56 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.14 16:52:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.14 16:52:36 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.06.14 16:52:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.06.14 16:52:33 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.06.14 16:52:18 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.06.14 16:52:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.06.14 16:52:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.06.14 16:52:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.06.14 16:52:16 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.06.14 16:52:16 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.06.14 16:52:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.06.14 16:52:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.06.14 16:52:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.06.14 16:52:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.06.14 16:52:15 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.06.14 16:52:15 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.06.14 16:25:21 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.14 16:25:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.14 16:25:21 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.14 16:25:17 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.14 16:25:13 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.14 16:25:12 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.14 16:25:05 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.14 16:24:48 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.14 16:24:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.06.07 17:35:52 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terzio [2012.06.07 17:03:46 | 000,000,000 | ---D | C] -- C:\Terzio [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012.07.03 21:27:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000UA.job [2012.07.03 21:01:47 | 000,001,264 | ---- | M] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk [2012.07.03 20:59:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.03 20:25:00 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.03 20:25:00 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.03 20:13:44 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000Core.job [2012.07.03 17:30:10 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012.07.02 21:18:49 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.01 21:03:55 | 000,634,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.01 21:03:55 | 000,114,306 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.01 21:03:54 | 001,558,548 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.01 21:03:54 | 000,677,036 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.01 21:03:54 | 000,140,516 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.23 08:00:59 | 000,012,841 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\UserTile.png [2012.06.23 07:48:48 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk [2012.06.14 18:24:24 | 000,481,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.07 17:35:53 | 000,001,712 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk [2012.06.07 17:09:02 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012.07.03 21:01:47 | 000,001,264 | ---- | C] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk [2012.06.23 08:00:59 | 000,012,841 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\UserTile.png [2012.06.23 07:48:48 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk [2012.06.07 17:35:53 | 000,001,712 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk [2012.06.07 17:09:02 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk [2012.01.22 20:05:54 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012.01.22 20:05:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012.01.15 18:46:45 | 000,017,408 | ---- | C] () -- C:\Users\ADA\AppData\Local\WebpageIcons.db [2011.10.14 14:38:00 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll [2011.07.04 20:51:44 | 000,000,000 | ---- | C] () -- C:\Users\ADA\AppData\Local\{C9CFCFBA-6C1C-4CD5-B479-B01BA1DAD6B6} [2011.03.30 17:15:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.02.13 22:04:29 | 000,004,900 | ---- | C] () -- C:\ProgramData\hvcatrnw.tht [2011.01.28 21:24:59 | 000,000,168 | RHS- | C] () -- C:\ProgramData\FC8332F981.sys [2011.01.28 21:24:58 | 000,008,456 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.01.25 23:13:48 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.24 16:52:54 | 000,000,042 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\default.pls [2011.01.24 16:22:50 | 000,001,024 | ---- | C] () -- C:\Users\ADA\.rnd [2010.12.28 15:55:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2010.12.09 16:09:38 | 000,074,240 | ---- | C] () -- C:\Users\ADA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [color=#E56717]========== LOP Check ==========[/color] [2010.12.09 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ACD Systems [2012.01.22 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\AnvSoft [2012.02.14 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ashampoo [2012.02.14 21:27:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Canneverbe Limited [2011.01.24 21:28:36 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.06.01 16:22:37 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Engelmann Media [2012.02.09 18:15:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\FreeBurner [2011.04.08 23:37:53 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Gadu-Gadu 10 [2010.12.03 11:36:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\GHISLER [2010.12.09 13:06:01 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\HEXelon [2011.04.10 00:14:17 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\IrfanView [2011.02.05 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MAGIX [2011.02.13 22:04:41 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MOVAVI [2010.12.09 13:15:22 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\No Company Name [2011.11.05 14:27:27 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Opera [2011.05.17 21:34:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoScape [2011.01.24 21:27:57 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1 [2012.06.04 21:01:13 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PowerCinema [2011.02.06 20:46:58 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Publish Providers [2011.01.28 17:28:52 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\SoftGrid Client [2011.08.28 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Sony [2011.01.25 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\TP [2011.02.15 23:28:56 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ulead Systems [2012.05.16 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Unity [2011.05.19 23:08:26 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\UNOUndercover [2011.04.09 23:23:14 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\XnView [2011.10.13 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ZapodajUploader [2012.05.01 14:47:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CC02DF48 < End of report >

**Posty:** 205 · przez **defacto19** 04 Lip 2012, 17:23

Uruchom OTL i w sekcji (Własne opcje skanowania/Script)wklej:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{08BE6EE1-8079-47C9-A38A-75478049A4DD}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6E1C308D-3DF5-48A3-819A-5F93D048AF7F}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{7345481F-7D5C-4F1F-B5B8-65E3A33378A0}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-W1&o=100000080&src=crm&q={searchTerms}&locale=&apn_ptnrs=JM&apn_dtid=YYYYYYYYDE&apn_uid=b74a7517-8d27-4ba1-ac99-eb5e60f2a890&apn_sauid=2757DB68-7B85-4BAB-848E-CA99B4442FEE&
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8EA3CDFF-2737-4D7C-82D4-307ECCF20F7B}: "URL" = http://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{97D9E0FC-6DC0-4316-B570-BC0C58C90222}: "URL" = http://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&sr=0&q="
[2012.02.09 18:15:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.07.03 17:45:05 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.02.03 10:31:23 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com
[2011.11.09 17:05:26 | 000,002,406 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\askcom.xml
[2012.02.01 14:23:14 | 000,001,798 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\funmoods.xml
[2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\Search_Results.xml
[2012.02.04 22:10:54 | 000,003,915 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\sweetim.xml
[2012.05.23 19:28:04 | 000,061,109 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.01.10 22:52:44 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=0&systemid=421&sr=0&q={searchTerms}
CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CC02DF48

:Commands
[emptytemp]

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, i kliknij skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania.

**Posty:** 370 · przez **bracik1977** 04 Lip 2012, 17:50

To jest raport z usuwania

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{08BE6EE1-8079-47C9-A38A-75478049A4DD}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08BE6EE1-8079-47C9-A38A-75478049A4DD}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6E1C308D-3DF5-48A3-819A-5F93D048AF7F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E1C308D-3DF5-48A3-819A-5F93D048AF7F}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7345481F-7D5C-4F1F-B5B8-65E3A33378A0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7345481F-7D5C-4F1F-B5B8-65E3A33378A0}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8EA3CDFF-2737-4D7C-82D4-307ECCF20F7B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EA3CDFF-2737-4D7C-82D4-307ECCF20F7B}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{97D9E0FC-6DC0-4316-B570-BC0C58C90222}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97D9E0FC-6DC0-4316-B570-BC0C58C90222}\ not found. Registry key HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ not found. Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "Search Results" removed from browser.search.defaultenginename Prefs.js: "Search Results" removed from browser.search.order.1 Prefs.js: "Search Results" removed from browser.search.selectedEngine Prefs.js: true removed from browser.search.useDBForOrder Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems Prefs.js: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7 removed from extensions.enabledItems Prefs.js: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 removed from extensions.enabledItems Prefs.js: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&sr=0&q=" removed from keyword.URL C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\de-DE@dictionaries.addons.mozilla.org\dictionaries folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\de-DE@dictionaries.addons.mozilla.org folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com\content\imgs folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com\content folder moved successfully. C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com folder moved successfully. C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\askcom.xml moved successfully. C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\funmoods.xml moved successfully. C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\Search_Results.xml moved successfully. C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\sweetim.xml moved successfully. C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI moved successfully. C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml moved successfully. Unable to fix default_search_provider items. File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of not found. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 folder moved successfully. File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of not found. File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found. File C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully. File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found. ADS C:\ProgramData\Temp:CC02DF48 deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: ADA ->Temp folder emptied: 1998388793 bytes ->Temporary Internet Files folder emptied: 45059347 bytes ->Java cache emptied: 77505206 bytes ->FireFox cache emptied: 65030627 bytes ->Google Chrome cache emptied: 404428267 bytes ->Opera cache emptied: 3779825 bytes ->Flash cache emptied: 54022 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 41654 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 587481727 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 558109 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 766 bytes RecycleBin emptied: 26360704497 bytes Total Files Cleaned = 28.174,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07042012_173851 Files\Folders moved on Reboot... File\Folder C:\Users\ADA\AppData\Local\Temp\etilqs_aQRixx9rvVYnCK8 not found! File\Folder C:\Users\ADA\AppData\Local\Temp\etilqs_VI8N6SFDeBw9Ubi not found! File\Folder C:\Users\ADA\AppData\Local\Temp\fla58B8.tmp not found! File move failed. C:\Users\ADA\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot. File\Folder C:\Users\ADA\AppData\Local\Temp\~DF1640443CCC22F0C6.TMP not found! File\Folder C:\Users\ADA\AppData\Local\Temp\~DF3FA4966169BDC87D.TMP not found! File\Folder C:\Users\ADA\AppData\Local\Temp\~DF8CC4940FE4E5BB49.TMP not found! File\Folder C:\Users\ADA\AppData\Local\Temp\~DF905BFC6840D0A6F3.TMP not found! File\Folder C:\Users\ADA\AppData\Local\Temp\~DFE9E6D21E6885FB64.TMP not found! File\Folder C:\Users\ADA\AppData\Local\Temp\~DFEE8607EF08F9E945.TMP not found! C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 moved successfully. C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully. PendingFileRenameOperations files... File C:\Users\ADA\AppData\Local\Temp\etilqs_aQRixx9rvVYnCK8 not found! File C:\Users\ADA\AppData\Local\Temp\etilqs_VI8N6SFDeBw9Ubi not found! File C:\Users\ADA\AppData\Local\Temp\fla58B8.tmp not found! [2010.11.23 18:32:29 | 000,000,000 | ---- | M] () C:\Users\ADA\AppData\Local\Temp\FXSAPIDebugLogFile.txt : Unable to obtain MD5 File C:\Users\ADA\AppData\Local\Temp\~DF1640443CCC22F0C6.TMP not found! File C:\Users\ADA\AppData\Local\Temp\~DF3FA4966169BDC87D.TMP not found! File C:\Users\ADA\AppData\Local\Temp\~DF8CC4940FE4E5BB49.TMP not found! File C:\Users\ADA\AppData\Local\Temp\~DF905BFC6840D0A6F3.TMP not found! File C:\Users\ADA\AppData\Local\Temp\~DFE9E6D21E6885FB64.TMP not found! File C:\Users\ADA\AppData\Local\Temp\~DFEE8607EF08F9E945.TMP not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 not found! File C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Cache\index not found! Registry entries deleted on Reboot...

Dodano 04.07.2012 17:10:06:
A to jest nowy log z OTL

Kod: Zaznacz wszystko: OTL logfile created on: 04.07.2012 17:50:34 - Run 3 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 62,68% Memory free 7,71 Gb Paging File | 6,09 Gb Available in Paging File | 78,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,32 Gb Total Space | 126,92 Gb Free Space | 28,06% Space Free | Partition Type: NTFS Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012.07.04 17:50:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\ADA\Downloads\OTL (3).com PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe PRC - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe PRC - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe PRC - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe PRC - [2009.07.14 03:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012.06.28 12:28:56 | 000,438,296 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll MOD - [2012.06.28 12:28:54 | 003,972,120 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll MOD - [2012.06.28 12:27:40 | 000,554,520 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll MOD - [2012.06.28 12:27:38 | 000,117,784 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll MOD - [2012.06.28 12:27:29 | 000,140,328 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll MOD - [2012.06.28 12:27:28 | 000,262,184 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll MOD - [2012.06.28 12:27:26 | 002,386,984 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2010.08.19 18:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Programme\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64) Cyberlink RichVideo64 Service(CRVS) SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.07.29 13:22:44 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR) SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011.10.14 14:35:50 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA) DRV:[b]64bit:[/b] - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b]64bit:[/b] - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:[b]64bit:[/b] - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:[b]64bit:[/b] - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2010.05.31 23:31:21 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2010.04.29 12:20:20 | 000,182,912 | ---- | M] (Etron) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETdrv.sys -- (usbet) DRV:[b]64bit:[/b] - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:[b]64bit:[/b] - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:[b]64bit:[/b] - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64) DRV:[b]64bit:[/b] - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\vd_filedisk.sys -- (VD_FileDisk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8559D8B2-251B-42ED-8273-4C12CD1E5B98}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: "" FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=128" FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.02.01 14:23:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.13 18:16:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.02 20:16:37 | 000,000,000 | ---D | M] [2012.02.09 18:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Extensions [2012.07.04 17:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions [2012.07.02 23:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.05.16 19:01:05 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} File not found (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI File not found (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI File not found (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\DE-DE@DICTIONARIES.ADDONS.MOZILLA.ORG File not found (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\FFXTLBR@FUNMOODS.COM [2012.01.13 18:16:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.31 06:57:31 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011.10.31 06:57:31 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011.10.31 06:57:31 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011.10.31 06:57:31 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011.10.31 06:57:31 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011.10.31 06:57:31 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Search Results (Enabled) CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=0&systemid=421&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_1\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Unity Player (Enabled) = C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Google Update (Enabled) = C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\ CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc) O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll (Bandoo Media, inc) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2007.09.26 07:00:00 | 000,000,064 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010.07.14 12:36:42 | 000,103,816 | R--- | M] (CANON INC.) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012.07.04 17:38:51 | 000,000,000 | ---D | C] -- C:\_OTL [2012.07.03 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Local\PlayMovie [2012.07.03 22:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.07.03 22:24:31 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.03 22:24:15 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.03 22:24:15 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012.07.02 21:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon [2012.07.02 21:37:22 | 000,000,000 | ---D | C] -- C:\canon_downloads [2012.07.02 20:17:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.07.02 20:16:37 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.06.23 07:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Gigaset QuickSync [2012.06.23 07:49:38 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Local\Gigaset_Communications_Gm [2012.06.23 07:48:51 | 000,054,272 | ---- | C] (Siemens Home and Office Communication Devices GmbH & Co. KG) -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys [2012.06.23 07:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync [2012.06.23 07:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigaset QuickSync [2012.06.21 17:41:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.21 17:41:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.21 17:41:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.21 17:40:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.21 17:40:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.21 17:40:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.21 17:39:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.21 17:39:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.14 16:52:56 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.14 16:52:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.14 16:52:36 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.06.14 16:52:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.06.14 16:52:33 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.06.14 16:52:18 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.06.14 16:52:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.06.14 16:52:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.06.14 16:52:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.06.14 16:52:16 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.06.14 16:52:16 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.06.14 16:52:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.06.14 16:52:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.06.14 16:52:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.06.14 16:52:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.06.14 16:52:15 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.06.14 16:52:15 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.06.14 16:25:21 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.14 16:25:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.14 16:25:21 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.14 16:25:17 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.14 16:25:13 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.14 16:25:12 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.14 16:25:05 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.14 16:24:48 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.14 16:24:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.06.07 17:35:52 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terzio [2012.06.07 17:03:46 | 000,000,000 | ---D | C] -- C:\Terzio [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012.07.04 17:53:50 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 17:53:50 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 17:45:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.04 17:45:40 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012.07.03 22:24:03 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.03 22:24:03 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.03 22:24:03 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.03 21:27:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000UA.job [2012.07.03 21:01:47 | 000,001,264 | ---- | M] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk [2012.07.03 20:13:44 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000Core.job [2012.07.01 21:03:55 | 000,634,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.01 21:03:55 | 000,114,306 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.01 21:03:54 | 001,558,548 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.01 21:03:54 | 000,677,036 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.01 21:03:54 | 000,140,516 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.23 08:00:59 | 000,012,841 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\UserTile.png [2012.06.23 07:48:48 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk [2012.06.14 18:24:24 | 000,481,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.07 17:35:53 | 000,001,712 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk [2012.06.07 17:09:02 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012.07.03 21:01:47 | 000,001,264 | ---- | C] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk [2012.06.23 08:00:59 | 000,012,841 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\UserTile.png [2012.06.23 07:48:48 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk [2012.06.07 17:35:53 | 000,001,712 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk [2012.06.07 17:09:02 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk [2012.01.22 20:05:54 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012.01.22 20:05:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012.01.15 18:46:45 | 000,017,408 | ---- | C] () -- C:\Users\ADA\AppData\Local\WebpageIcons.db [2011.10.14 14:38:00 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll [2011.07.04 20:51:44 | 000,000,000 | ---- | C] () -- C:\Users\ADA\AppData\Local\{C9CFCFBA-6C1C-4CD5-B479-B01BA1DAD6B6} [2011.03.30 17:15:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.02.13 22:04:29 | 000,004,900 | ---- | C] () -- C:\ProgramData\hvcatrnw.tht [2011.01.28 21:24:59 | 000,000,168 | RHS- | C] () -- C:\ProgramData\FC8332F981.sys [2011.01.28 21:24:58 | 000,008,456 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.01.25 23:13:48 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.24 16:52:54 | 000,000,042 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\default.pls [2011.01.24 16:22:50 | 000,001,024 | ---- | C] () -- C:\Users\ADA\.rnd [2010.12.28 15:55:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2010.12.09 16:09:38 | 000,074,240 | ---- | C] () -- C:\Users\ADA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [color=#E56717]========== LOP Check ==========[/color] [2010.12.09 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ACD Systems [2012.01.22 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\AnvSoft [2012.02.14 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ashampoo [2012.02.14 21:27:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Canneverbe Limited [2011.01.24 21:28:36 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.06.01 16:22:37 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Engelmann Media [2012.02.09 18:15:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\FreeBurner [2011.04.08 23:37:53 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Gadu-Gadu 10 [2010.12.03 11:36:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\GHISLER [2010.12.09 13:06:01 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\HEXelon [2011.04.10 00:14:17 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\IrfanView [2011.02.05 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MAGIX [2011.02.13 22:04:41 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MOVAVI [2010.12.09 13:15:22 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\No Company Name [2011.11.05 14:27:27 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Opera [2011.05.17 21:34:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoScape [2011.01.24 21:27:57 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1 [2012.07.03 23:12:35 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PowerCinema [2011.02.06 20:46:58 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Publish Providers [2011.01.28 17:28:52 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\SoftGrid Client [2011.08.28 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Sony [2011.01.25 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\TP [2011.02.15 23:28:56 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ulead Systems [2012.05.16 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Unity [2011.05.19 23:08:26 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\UNOUndercover [2011.04.09 23:23:14 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\XnView [2011.10.13 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ZapodajUploader [2012.05.01 14:47:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 04.07.2012 17:50:34 - Run 3 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 62,68% Memory free 7,71 Gb Paging File | 6,09 Gb Available in Paging File | 78,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,32 Gb Total Space | 126,92 Gb Free Space | 28,06% Space Free | Partition Type: NTFS Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04F8C9BF-B5C4-447B-8941-778DA6AED26F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2511794A-A2A6-4CCE-9DF7-7A2A9773A314}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{61B1F016-3566-4636-9BF0-861204FE4C87}" = rport=137 | protocol=17 | dir=out | app=system | "{96D7ED9C-396D-4694-8F87-6539D9691DD4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{9E783B35-F375-4ADC-84A5-0DD5A990B5F3}" = rport=445 | protocol=6 | dir=out | app=system | "{AA679C00-CD17-402A-9A2F-DA65E5EF1990}" = lport=139 | protocol=6 | dir=in | app=system | "{AE788829-0D33-4024-AEA1-5C1BC5136470}" = lport=2869 | protocol=6 | dir=in | app=system | "{AE7B00D7-2A80-41BB-BC62-12E1B067F9D8}" = lport=445 | protocol=6 | dir=in | app=system | "{B5BDF66A-3D14-4951-ABC5-CEFB9EADF3BC}" = rport=139 | protocol=6 | dir=out | app=system | "{B896DD2B-3B48-4595-9447-479A1DC277E1}" = lport=138 | protocol=17 | dir=in | app=system | "{C0D4EA05-69A1-49D9-8569-03864C8DDEC0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C4D08C98-6FC5-47FD-AC34-26052AB14BC2}" = rport=138 | protocol=17 | dir=out | app=system | "{DEBF61CC-75D1-4920-90B3-07108DF171C6}" = lport=137 | protocol=17 | dir=in | app=system | "{FFE2E089-420C-457B-A3E6-40FF5FBBD71F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0BBA2FDD-47A3-40E2-8385-06C31574B7B2}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe | "{0F53EDA4-5BA6-47DA-B55D-BB0346F5EBE1}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe | "{13B71459-1FD3-4147-84FE-30D42912F946}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1E71CD3C-2050-415F-B5CA-74C2F0623E33}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{2238CA2B-1000-4BD3-BE31-A67C15FE2329}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{32570F13-1C89-4AEC-ABCF-596E9E78D304}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{331EADBA-A26C-4E69-AE2E-121B3B4DF1E1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{4EF139B5-2FE1-4E5A-B438-B96F2C2CF044}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | "{5D600F3A-D3C7-4F1C-9922-2153E46CFA73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6F4A14D5-2D1F-416B-A984-316F8F51BD54}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | "{6FE90723-25BD-4BCF-968C-94209C18564D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{939E27AD-57B7-4A2F-8EA7-B59752D4C23B}" = protocol=6 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe | "{95863229-C3F8-489E-BC73-DE563F7094E7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | "{9659929B-1BF6-4A79-8B3B-867F08B43CDF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{975BA926-F4C8-40CE-9BDB-B5E668D1CECC}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | "{9D78ECB6-6EF8-4AED-ADCE-10D51FAD6392}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{BC612040-FF14-4A17-B9C8-A917B81C7809}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{BC731A4A-1930-407A-9456-3072E42D37F4}" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "{C32141FD-9BAF-45CD-A16A-75A0197043ED}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | "{C63B85B4-7D56-4112-AA3E-3457D6CB0A9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | "{CF5B9B28-8D6B-4088-88E8-EDCA25D1819B}" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "{D277B40D-2A70-4AE7-B6AE-470102752B35}" = protocol=17 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe | "{D38E5C1C-A7E5-45CE-B803-4D99038323EE}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe | "{E7A833E6-010F-4498-B1C6-9259F63821DD}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{F0D57DB4-DC0D-4EF9-ADF5-469A69FB8C06}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | "{F17BCD72-4FD5-4E85-88C1-10F326172745}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | "{F9E294DD-A887-4BCD-BF22-4F65EF85056A}" = dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe | "TCP Query User{9B7D0CC7-A31C-4F97-A102-2C6AB0421ECF}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | "TCP Query User{B55C3A48-CEA2-4489-9907-8C701880B732}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{2CFB0FFA-6846-40DC-864C-FFEE70F4D201}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{BBF0278F-2B2D-4D38-896E-9917DE1FA45F}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery "{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64 "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in "{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery "{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64 "{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64 "{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus "{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager "{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus "{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists "{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care "{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX "{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3 "{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}" = Janosch Vorschule "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish "{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide "{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French "{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese "{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0 "{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus "{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen "{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian "{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3 "{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard "{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = "{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool "{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = "{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = PhotoMizer "{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0 "{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = "{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus "{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian "{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding "{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = "{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish "{C8BCC14C-2807-4C2D-A659-843427BF82E2}" = TopSecret Biometrics Components "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86 "{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common "{D5E409E8-3AF3-4B19-A291-E27AECC905B3}" = Janosch Vorschule Englisch "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch "{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish "{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish "{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai "{ED1674F5-5165-49BF-B546-AE5343111540}" = WebCam "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static "{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian "{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All "{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "Any Video Converter_is1" = Any Video Converter 3.3.3 "Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9 "BlazeDTV 6.0_is1" = BlazeDTV 6.0 "FastStone Image Viewer" = FastStone Image Viewer 4.4 "Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1 "IncrediMail" = IncrediMail 2.0 "InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide "InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0 "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "LHTTSGED" = L&H TTS3000 Deutsch "Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl) "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "PremElem80" = Adobe Premiere Elements 8.0 "Revo Uninstaller" = Revo Uninstaller 1.94 "splashtop" = VAIO Quick Web Access "TC UP" = Total Commander Ultima Prime 4.7.0.0 "VAIO Help and Support" = "VAIO screensaver" = VAIO screensaver "Windows Searchqu Toolbar" = Windows Searchqu Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 01.10.2011 07:22:08 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.10.2011 18:32:18 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.10.2011 18:33:37 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 05.10.2011 11:27:46 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960, Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00025c43 ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 92d9388b-ef66-11e0-bfa7-c0cb38f2c74e Error - 05.10.2011 11:27:53 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960, Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850, Zeitstempel: 0x4e211485 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 9762541b-ef66-11e0-bfa7-c0cb38f2c74e Error - 05.10.2011 11:28:23 | Computer Name = ADA-VAIO | Source = Application Hang | ID = 1002 Description = Programm IncMail.exe, Version 6.2.8.4960 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1860 Startzeit: 01cc83735c102d24 Endzeit: 29 Anwendungspfad: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Berichts-ID: a688b966-ef66-11e0-bfa7-c0cb38f2c74e Error - 06.10.2011 10:15:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 06.10.2011 10:16:47 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.10.2011 05:52:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.10.2011 05:53:31 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. [ Media Center Events ] Error - 31.01.2011 15:53:09 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0 Description = 20:53:08 - Directory konnte nicht abgerufen werden (Fehler: Der Remotename konnte nicht aufgelöst werden: 'data.tvdownload.microsoft.com') Error - 31.01.2011 15:53:28 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0 Description = 20:53:17 - Fehler beim Herstellen der Internetverbindung. 20:53:17 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 03.07.2012 17:13:26 | Computer Name = ADA-VAIO | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 03.07.2012 17:14:12 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 03.07.2012 17:14:14 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VD_FileDisk Error - 04.07.2012 11:26:47 | Computer Name = ADA-VAIO | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 04.07.2012 11:27:19 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 04.07.2012 11:27:36 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VD_FileDisk Error - 04.07.2012 11:38:51 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7034 Description = Dienst "Adobe Active File Monitor V8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 04.07.2012 11:45:38 | Computer Name = ADA-VAIO | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 04.07.2012 11:46:06 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 04.07.2012 11:46:18 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: VD_FileDisk < End of report >

**Posty:** 205 · przez **defacto19** 04 Lip 2012, 18:39

Uruchom OTL, i użyj opcji sprzątanie.

zastosuj AdwCleaner z opcji Delete.
http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

Wykonaj pełne skanowanie przy pomocy malwarebytes anti-malware
http://www.malwarebytes.org/

Zainstaluj sobie jakiegoś antywirusa np darmową Avire.
http://www.avira.com/en/avira-free-antivirus

Autor postu otrzymał pochwałę