Non-genuine genuine Windows and a strange problem

Post: #1

Non-genuine genuine Windows and a strange problem

Hello, for some time I have been struggling with a bizarre problem. At first it was not that troublesome, but recently it has almost made it impossible for me to use the computer. I don't know whether all the problems I describe have the same cause, but either way I'm asking for help.

I have a one-year-old laptop with a genuine Windows 7. It started when, after about 3 months, the internet did not work on 1 in 10 startups of the computer. I would launch Mozilla, and it would not open. In the process list, after pressing Alt+Ctrl+Del, it was shown as running, but there was no way to end the process. Other browsers and other online things also stopped working. The only way out was to restart the computer. Lately this has been happening more and more often. In addition, while using the browser, a primitive white, boxy interface, like from Win98, starts to sort of "show through"; it overlaps the normal interface and makes it impossible to use. At roughly the same time this started happening, a message began to appear saying that I probably have an illegal copy of Windows. Every hour it throws other absurd errors; it's a pity none has popped up just now, I would give the exact text. The frequency of errors increases several times over when I watch a film or play a game. When I try to update the system, "unknown error, code C0000022" appears, and something similar happens when updating other things, e.g. the graphics card. There is also a notice that the firewall is turned off, advising me to turn it on. When I click "turn on", either nothing happens and it freezes, or it throws me into the system32 directory... All of this looked to me like a typical virus, but I scanned with Avira and Spybot and they detected nothing. I don't know what to do, please advise!

PS: I'll add that after reading other posts I wanted to activate the system using my key, but where I should have the activation option (My Computer - Properties, or Control Panel - System and Security - System) it says: "Windows activation. Status is unavailable. Product ID: unavailable/
Pani SuperMod

Post: #2

RE: Non-genuine genuine Windows + a strange problem

Get rid of Avira and install some other antivirus, e.g. Avast or some 30-day trial one. At work I have a PC with Avira that is unable to work for an hour because it hangs and shows that the antivirus and firewall are turned off.

Additionally, scan the PC with OTL and post the logs here. Tip

Post: #3

RE: Non-genuine genuine Windows + a strange problem

Exactly, let's start with OTL; generate the logs and show them on the forum.

Post: #4

RE: Non-genuine genuine Windows + a strange problem

I'm posting the logs from OTL:

Quote:
OTL logfile created on: 2014-04-08 07:47:24 - Run 1
OTL by OldTimer - Version Folder = C:\Users\Adam\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,90 Gb Total Physical Memory | 5,51 Gb Available Physical Memory | 69,67% Memory free
15,81 Gb Paging File | 12,98 Gb Available in Paging File | 82,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 457,61 Gb Free Space | 51,63% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 21,69 Gb Free Space | 85,15% Space Free | Partition Type: NTFS
Drive G: | 209,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: KOMPUTER-ADAMA | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-04-08 00:22:56 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-04-08 00:22:56 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-04-08 00:16:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe
PRC - [2014-04-02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-02-28 18:11:46 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014-01-03 02:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-10-15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013-09-20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013-09-13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013-08-23 03:24:05 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2013-07-25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012-08-15 01:41:36 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2012-08-15 01:39:40 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2012-05-21 09:26:28 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-02-28 11:20:02 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-28 11:19:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-28 11:19:46 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2011-12-08 11:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
PRC - [2011-11-29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-11-29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-08-25 20:43:44 | 000,337,776 | ---- | M] ( ) -- C:\Program Files (x86)\LockKey\LockKey.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-01-28 23:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

========== Modules (No Company Name) ==========

MOD - [2014-04-08 00:22:57 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-26 14:32:43 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014-02-26 13:22:08 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014-02-26 13:22:01 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014-02-26 13:21:59 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014-02-26 13:21:53 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014-02-26 13:21:50 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014-02-26 13:21:47 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014-02-26 13:21:46 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014-02-26 13:21:44 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014-02-26 13:21:42 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014-02-26 13:21:42 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014-02-26 13:21:40 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014-02-26 13:21:35 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014-02-17 12:23:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\55da6ea9407e647930ccfa94f1d02567\IAStorUtil.ni.dll
MOD - [2014-02-17 12:23:25 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33f1f62a80540af6dba6af268692c041\IAStorCommon.ni.dll
MOD - [2014-02-17 12:05:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014-02-17 12:05:24 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014-02-17 12:05:18 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014-02-17 12:04:46 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014-02-17 12:04:41 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014-02-17 12:04:38 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014-02-17 12:04:37 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014-02-17 12:04:31 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014-01-03 02:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013-12-19 22:33:31 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2013-10-19 01:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013-05-16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013-05-16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012-08-15 10:38:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\\System.Runtime.Remoting.resources.dll
MOD - [2012-08-15 01:41:35 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2012-08-15 01:39:40 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2011-12-08 11:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MOD - [2011-06-02 13:58:18 | 000,132,448 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011-06-02 13:57:44 | 000,161,120 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
MOD - [2010-11-13 04:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014-04-08 00:22:56 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014-04-02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014-02-06 12:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013-02-26 00:05:10 | 000,384,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2013-02-19 14:56:14 | 000,182,752 | R--- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013-02-19 14:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013-02-19 14:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012-08-31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012-02-02 22:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012-02-01 18:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011-12-23 18:51:22 | 000,120,160 | R--- | M] (Lenovo) [Auto | Stopped] -- C:\Windows\SysNative\NSDSvc.exe -- (NSDSvc)
SRV:64bit: - [2011-12-08 10:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011-12-08 10:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011-12-08 10:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011-12-08 10:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011-12-05 09:30:50 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011-12-05 08:55:36 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011-01-28 12:28:54 | 000,225,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2010-09-22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-03-29 12:03:13 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-08-23 03:24:05 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013-08-10 21:09:52 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013-08-10 21:09:52 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013-03-01 13:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-07 06:03:02 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-28 11:20:02 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-28 11:19:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-28 11:19:46 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011-11-29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-04-08 00:23:02 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-04-08 00:23:02 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014-04-08 00:23:01 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014-04-08 00:23:01 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014-04-08 00:23:01 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-04-08 00:23:01 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-04-08 00:23:00 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-03-21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-12-19 22:33:31 | 000,032,544 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-03-12 01:06:04 | 000,283,200 | R--- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-02-19 14:59:06 | 000,070,112 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013-02-19 14:56:26 | 000,340,216 | R--- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013-02-19 14:55:14 | 000,106,552 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013-02-19 14:54:32 | 000,771,536 | R--- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013-02-19 14:53:42 | 000,515,968 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013-02-19 14:53:02 | 000,309,840 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013-02-19 14:52:44 | 000,179,280 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012-08-15 10:45:41 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-08-15 01:43:13 | 000,057,952 | R--- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2012-08-15 01:43:13 | 000,013,408 | R--- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2012-08-15 01:42:49 | 000,039,008 | R--- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012-08-15 01:42:49 | 000,030,816 | R--- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012-06-07 05:49:08 | 014,760,096 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-05-21 09:25:32 | 000,789,824 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-05-21 09:25:32 | 000,357,184 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-05-21 09:25:32 | 000,019,264 | R--- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-04-20 17:40:58 | 000,196,440 | R--- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012-03-02 12:49:20 | 000,104,048 | R--- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-02-02 05:07:18 | 000,615,976 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012-02-02 05:07:18 | 000,134,696 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012-02-02 05:07:12 | 000,211,496 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012-02-02 05:07:12 | 000,184,360 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012-02-02 05:07:12 | 000,039,976 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012-02-02 05:07:12 | 000,021,544 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012-01-27 10:00:28 | 000,109,056 | R--- | M] (Ozmo Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hswpan.sys -- (hswpan)
DRV:64bit: - [2012-01-26 18:37:24 | 000,034,200 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012-01-26 18:37:24 | 000,025,496 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011-12-23 17:45:50 | 000,024,160 | R--- | M] (Lenovo Corporation") [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nsd.sys -- (NSD)
DRV:64bit: - [2011-12-21 21:57:42 | 000,059,488 | R--- | M] (Lenovo Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Nsdfltr.sys -- (Nsdfltr)
DRV:64bit: - [2011-12-16 03:04:02 | 000,411,920 | R--- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011-12-06 13:23:10 | 000,331,264 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011-12-05 09:22:58 | 000,195,584 | R--- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011-12-05 09:22:58 | 000,195,584 | R--- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011-12-01 22:51:00 | 011,417,088 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011-11-29 19:40:32 | 000,568,600 | R--- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-11-09 19:04:14 | 000,060,184 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-10-10 09:56:15 | 000,107,904 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-10-10 09:56:15 | 000,027,008 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-09-06 17:28:38 | 008,208,488 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2011-08-25 04:21:00 | 000,173,656 | R--- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011-01-28 23:29:58 | 000,031,088 | R--- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-09-23 00:36:48 | 000,048,488 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009-07-21 14:20:06 | 000,121,840 | R--- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | R--- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | R--- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | R--- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:21:48 | 000,038,400 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTe...urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTe...urceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchTe...d=ie7&rlz=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain?...&bmod=KMOH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerm...ORM=IE11SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchgol.com/?q={searchTerms...3&tsp=4970
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?FORM=UP21DF&P...-SearchBox
IE - HKCU\..\SearchScopes\{E5A4AD13-191A-4FC3-959D-6D0224BE0F70}: "URL" = http://www.google.com/search?sourceid=ie...OH_plPL528
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files (x86)\DealPlyLive\Update\\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files (x86)\DealPlyLive\Update\\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014-02-17 11:53:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08 00:23:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-29 12:03:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013-03-12 01:45:27 | 000,000,000 | ---D | M]

[2013-03-11 20:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions
[2014-04-07 22:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions
[2013-08-10 21:09:44 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
[2014-04-01 17:48:02 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-08-10 21:12:55 | 000,006,547 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\babylon.xml
[2013-08-10 21:12:55 | 000,006,547 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\BrowserProtect.xml
[2013-05-26 20:31:49 | 000,001,294 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\delta.xml
[2014-03-29 12:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-03-29 12:03:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-17 11:53:48 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnckahndcieonmmijnhgkecfcekfafp\2.8.2_0\
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.122.0_0\
CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe ()
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( )
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk = C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/sh...wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCA65E94-7C34-40F8-A3EE-534809337320}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F837BF0E-BE74-4B73-9CD5-8DC38909A2D9}: DhcpNameServer =
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1831-04-23 08:15:01 | 000,000,045 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a6a70ce3-8a9d-11e2-94ee-08edb9d8fe93}\Shell - "" = AutoRun
O33 - MountPoints2\{a6a70ce3-8a9d-11e2-94ee-08edb9d8fe93}\Shell\AutoRun\command - "" = G:\CSetup.exe -- [1928-01-02 00:08:40 | 004,292,608 | R--- | M] (GSC Game World)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-04-08 07:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014-04-08 00:25:50 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\AVAST Software
[2014-04-08 00:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014-04-08 00:23:52 | 000,084,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-04-08 00:23:50 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-04-08 00:23:50 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-04-08 00:23:45 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-04-08 00:23:43 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-04-08 00:23:37 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-04-08 00:22:58 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-04-08 00:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014-04-08 00:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014-04-07 15:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014-04-07 15:54:49 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014-04-07 15:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014-04-07 15:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014-04-07 15:39:13 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-04-07 15:39:13 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-04-05 23:16:41 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cossacks - The Art Of War
[2014-04-05 23:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks - The Art Of War
[2014-04-05 23:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cossacks - The Art Of War
[2014-04-05 23:00:55 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kozacy - Europejskie boje
[2014-04-05 23:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kozacy - Europejskie boje
[2014-04-05 22:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cossacks
[2014-04-05 22:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2014-04-05 22:22:57 | 004,358,144 | R--- | C] (GSC Game World) -- C:\Windows\uncsetup.exe
[2014-04-05 22:22:16 | 000,000,000 | ---D | C] -- C:\GOG Games
[2014-03-31 12:31:11 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\Microsoft Help
[2014-03-31 12:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014-03-31 11:37:19 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\screenyHEARTH
[2014-03-29 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-03-25 22:40:47 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber
[2014-03-25 22:40:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Antichamber
[2014-03-18 21:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CODEX
[2014-03-18 21:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Season 2 EP 2
[2014-03-18 21:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Walking Dead Season 2 EP 2

========== Files - Modified Within 30 Days ==========

[2014-04-08 07:39:51 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf49321ef9805a.job
[2014-04-08 07:39:51 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2014-04-08 07:38:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-04-08 07:38:36 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2014-04-08 00:30:40 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-04-08 00:25:37 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-04-08 00:24:57 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014-04-08 00:23:02 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-04-08 00:23:02 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-04-08 00:23:01 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-04-08 00:23:01 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-04-08 00:23:01 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-04-08 00:23:01 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-04-08 00:23:01 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-04-08 00:23:00 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-04-08 00:22:58 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-04-07 20:34:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf49321f95c2a4.job
[2014-04-07 20:31:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-04-07 20:15:50 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2014-04-07 15:54:53 | 000,001,394 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014-04-07 12:10:01 | 000,001,128 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk
[2014-04-05 22:59:43 | 000,053,248 | ---- | M] () -- C:\Windows\SysWow64\unrar.dll
[2014-04-05 22:28:47 | 004,358,144 | R--- | M] (GSC Game World) -- C:\Windows\uncsetup.exe
[2014-04-05 22:24:51 | 000,001,725 | ---- | M] () -- C:\Users\Public\Desktop\Age of Wonders III.lnk
[2014-04-05 12:00:25 | 000,125,158 | ---- | M] () -- C:\Users\Adam\Desktop\tusk.jpg
[2014-04-03 23:01:06 | 000,278,773 | ---- | M] () -- C:\Users\Adam\Desktop\wipla.jpg
[2014-04-02 23:32:25 | 000,002,009 | ---- | M] () -- C:\Users\Adam\Desktop\Kindle.lnk
[2014-04-02 15:27:17 | 001,081,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-04-02 15:27:05 | 001,225,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-03-26 18:50:55 | 000,011,590 | ---- | M] () -- C:\Users\Adam\AppData\Local\recently-used.xbel
[2014-03-26 18:49:44 | 000,016,511 | ---- | M] () -- C:\Users\Adam\pspp.jnl
[2014-03-26 18:49:28 | 000,001,434 | ---- | M] () -- C:\Users\Adam\AppData\Local\psppirerc
[2014-03-25 22:40:46 | 000,002,125 | ---- | M] () -- C:\Users\Adam\Desktop\Antichamber.lnk
[2014-03-21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-03-21 21:43:50 | 000,037,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-03-21 21:43:50 | 000,033,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-03-18 21:05:45 | 000,000,982 | ---- | M] () -- C:\Users\Adam\Desktop\The Walking Dead Season 2 EP 2.lnk
[2014-03-18 20:39:07 | 000,015,793 | ---- | M] () -- C:\Users\Adam\Desktop\praca domowa.odt
[2014-03-16 19:40:34 | 000,000,234 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

========== Files Created - No Company Name ==========

[2014-04-08 00:25:37 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-04-08 00:24:57 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014-04-08 00:23:51 | 000,208,928 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-04-08 00:23:50 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-04-07 15:54:53 | 000,001,406 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014-04-07 15:54:53 | 000,001,394 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014-04-05 22:59:43 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014-04-05 22:24:51 | 000,001,725 | ---- | C] () -- C:\Users\Public\Desktop\Age of Wonders III.lnk
[2014-04-05 11:59:39 | 000,125,158 | ---- | C] () -- C:\Users\Adam\Desktop\tusk.jpg
[2014-04-03 23:01:06 | 000,278,773 | ---- | C] () -- C:\Users\Adam\Desktop\wipla.jpg
[2014-03-26 22:29:44 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf49321f95c2a4.job
[2014-03-26 22:29:43 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf49321ef9805a.job
[2014-03-26 18:50:55 | 000,011,590 | ---- | C] () -- C:\Users\Adam\AppData\Local\recently-used.xbel
[2014-03-26 18:49:28 | 000,001,434 | ---- | C] () -- C:\Users\Adam\AppData\Local\psppirerc
[2014-03-25 22:40:46 | 000,002,125 | ---- | C] () -- C:\Users\Adam\Desktop\Antichamber.lnk
[2014-03-18 21:05:45 | 000,000,982 | ---- | C] () -- C:\Users\Adam\Desktop\The Walking Dead Season 2 EP 2.lnk
[2014-03-17 22:57:49 | 000,015,793 | ---- | C] () -- C:\Users\Adam\Desktop\praca domowa.odt
[2014-03-16 19:40:34 | 000,000,234 | ---- | C] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
[2014-03-10 00:51:56 | 000,001,128 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk
[2014-03-05 16:56:20 | 000,000,000 | ---- | C] () -- C:\Users\Adam\AppData\Local\{FA72FB75-9421-42F2-8D31-88D428B738D6}
[2014-01-21 23:18:02 | 000,000,000 | ---- | C] () -- C:\Users\Adam\AppData\Local\{A114EFB8-5E28-428D-B4D3-725372A0D6CE}
[2014-01-13 01:15:14 | 000,000,151 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\usde.conf
[2014-01-08 18:03:51 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2013-08-12 01:21:26 | 000,000,005 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013-08-10 22:09:11 | 000,000,074 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\WB.CFG
[2013-08-10 22:09:11 | 000,000,005 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\WBPU-TTL.DAT
[2013-07-27 15:09:12 | 000,000,059 | ---- | C] () -- C:\Windows\RUNAWAY.INI
[2013-05-30 16:55:39 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
[2013-04-12 20:11:01 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-04-02 22:52:51 | 000,114,176 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\BabMaint.exe
[2013-03-15 16:42:41 | 000,001,455 | ---- | C] () -- C:\Users\Adam\statystyka 15.03.sav
[2013-03-15 00:03:31 | 000,016,511 | ---- | C] () -- C:\Users\Adam\pspp.jnl
[2013-03-11 18:55:44 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012-08-15 01:41:44 | 002,086,240 | ---- | C] () -- C:\Windows\SysWow64\LenovoVeriface.Interface.dll
[2012-08-15 01:41:44 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll
[2012-08-15 01:41:44 | 000,472,416 | ---- | C] () -- C:\Windows\SysWow64\Lenovo.VerifaceStub.dll
[2012-08-15 01:41:43 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll
[2012-08-15 01:41:33 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
[2012-08-15 01:12:17 | 001,643,124 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-07-09 02:56:50 | 000,755,572 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-07-09 02:56:45 | 000,559,972 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-07-09 02:56:42 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-07-09 02:56:36 | 013,026,816 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll

========== ZeroAccess Check ==========

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64


[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64


[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both


And the piece that didn't fit:

========== Files - Unicode (All) ==========
[2013-11-24 23:18:23 | 105,952,601 | ---- | M] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b
[2013-11-24 16:22:28 | 105,952,601 | ---- | C] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b
[2013-11-19 11:01:03 | 105,029,326 | ---- | M] ()(C:\Windows\SysWow64\?) -- C:\Windows\SysWow64\櫦簔“
[2013-11-19 11:01:03 | 105,029,326 | ---- | C] ()(C:\Windows\
Post: #5

RE: Non-genuine genuine Windows + strange problem

And where is the Extras file? :)

Post: #6

RE: Non-genuine genuine Windows + strange problem

Exactly, post the second log, "Extras.txt", as well; once the set is complete I'll try to analyze everything tomorrow.

Post: #7

RE: Non-genuine genuine Windows + strange problem

I'm pasting Extras.txt, thanks for the help!

Quote:
OTL Extras logfile created on: 2014-04-08 23:21:20 - Run 1
OTL by OldTimer - Version Folder = C:\Users\Adam\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 71,00% Memory free
16,00 Gb Paging File | 12,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 457,06 Gb Free Space | 51,57% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 21,69 Gb Free Space | 85,15% Space Free | Partition Type: NTFS
Drive G: | 209,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: KOMPUTER-ADAMA | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Adam\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Adam\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

"EnableFirewall" = 1
"DisableNotifications" = 0

"EnableFirewall" = 1
"DisableNotifications" = 0

"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{286BC311-31E9-4D0B-9FCE-44F8AA90D553}" = calibre 64bit
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}" = Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed
"{4169B8AC-D144-4E38-A9CA-637EA44129ED}" = Sterownik urządzenia Intel® Wireless Music
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Oprogramowanie Intel® PROSet/Wireless WiFi
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"99841829BE839365AA67B2AD0E50D371F59F8A1E" = Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UDK-2c8e676f-ea60-473c-8e88-817e6b56b6f1" = My Game Long Name
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D7B2BBC-049E-44C0-96D8-AD35EE676548}" = To the Moon
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28599CEE-974A-4AFA-8484-C6FC94984330}" = Majesty Złota Edycja
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}" = Nsd
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel® WiDi
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F08B250-6805-4CBA-8014-6D927767A3F6}" = Zeus Pan Olimpu - Złota Edycja
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish
"{AF192694-4B15-4AC1-92F3-1B02E98C08BD}" = LockKey
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3C80E77-E549-4F76-BC07-61DDBD950345}" = Silent Hill 2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{D7556F86-8878-4AAD-8755-6146D4500EB0}_is1" = Wiedźmin 2 Edycja Rozszerzona
"{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}" = OpenOffice 4.0.1
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Podręcznik użytkownika
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}" = Intelligent Touchpad
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon Kindle" = Amazon Kindle
"Avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"Cossacks : The Art Of War" = Cossacks - The Art Of War
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"EW : Cossacks" = Kozacy - Europejskie boje
"FCECAECourse_is1" = FCE & CAE Course, Vocabulary Trainer
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes III Armageddon's Blade" = Heroes III Armageddon's Blade
"Heroes III The Restoration of Erathia" = Heroes III The Restoration of Erathia
"Heroes III The Shadow of Death" = Heroes III The Shadow of Death
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}" = LockKey
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Mozilla Firefox 28.0 (x86 pl)" = Mozilla Firefox 28.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"MultiBit 0.5.13" = MultiBit 0.5.13
"ppslow_60_is1" = Profesor Pedro Słownictwo 6.0
"Risen 2_is1" = Risen 2
"Runaway a Road Adventure PL" = Runaway a Road Adventure PL
"slow_12_60_is1" = Profesor Henry 6.0 Słownictwo poziom 1 i 2
"slow_34_60_is1" = Profesor Henry 6.0 Słownictwo poziom 3 i 4
"Stronghold 3_is1" = Stronghold 3
"Stronghold_is1" = Twierdza
"SugarSync" = SugarSync Manager
"Syberia_is1" = Syberia
"Syberia2_is1" = Syberia 2
"T3V0bGFzdA==_is1" = Outlast
"The Elder Scrolls V Skyrim_is1" = The Elder Scrolls V Skyrim
"The Walking Dead © 3_is1" = The Walking Dead © 3 version 1
"The Walking Dead Season 2 EP 2_is1" = The Walking Dead Season 2 EP 2
"To the Moon 1.0.0" = To the Moon
"Tombraider_is1" = Tombraider
"Total War Rome II_is1" = Total War Rome II
"VeriFace" = VeriFace
"VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1" = The Walking Dead: Season 2
"VLC media player" = VLC media player 2.0.8
"Warcraft III" = Warcraft III
"WinLiveSuite" = Podstawowe programy Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Post: #8

RE: Non-genuine genuine Windows + strange problem

Run "OTL" and paste this script into its "Własne opcje skanowania" (custom scan options) box:
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchgol.com/?q={searchTerms...3&tsp=4970
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775
[2013-08-10 21:12:55 | 000,006,547 | ---- | M] () --
[2013-05-26 20:31:49 | 000,001,294 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\delta.xml
O2 - BHO: (no name) - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
[2013-11-24 23:18:23 | 105,952,601 | ---- | M] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b
[2013-11-24 16:22:28 | 105,952,601 | ---- | C] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b
[2013-11-19 11:01:03 | 105,029,326 | ---- | M] ()(C:\Windows\SysWow64\?) -- C:\Windows\SysWow64\櫦簔“

Run the script and, after the restart, post the removal report. Then download the free "AdwCleaner", scan the system with it, remove whatever it finds, and post the report.

"Avast" = avast! Free Antivirus
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"MSC" = McAfee Internet Security
Two antivirus programs on the system! How is the system supposed to work well when that causes slowdowns and conflicts! Only one resident antivirus!!
On top of that, "Search&Destroy", which bogs the system down...
Keep only one, either Avast or McAfee, whichever you prefer, and remove "Search&Destroy".
After these steps, post a new "OTL" log.
If you decide to remove McAfee, download the dedicated uninstaller for it.

To update:
Adobe Reader X (10.1.0) - Polish
Skype™ 6.3
Java 7 Update 25
Java 7 update 51

Post: #9

RE: Non-genuine genuine Windows + strange problem

I pasted it, and every time I press "Wykonaj skrypt" (run the script), OTL instantly stops responding and does not recover even after a long wait :/

Post: #10

RE: Non-genuine genuine Windows and a strange problem

Not good... try it in Safe Mode, running "OTL" as administrator; if that still doesn't work, we'll try other methods...

Post: #11

RE: Non-genuine genuine Windows and a strange problem

After a long struggle I managed to run the script in Safe Mode and update the listed programs :) Something strange happened, because I had already removed Avira before the previous OTL log that I posted here, and it... came back by itself and can't be removed through the Control Panel; an error occurs. I'm about to get started on AdwCleaner, and for now I'm pasting the removal report from OTL:

Quote:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
File 13-08-10 21:12:55 | 000,006,547 | ---- | M] () -- not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\delta.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ not found.
C:\Windows\SysWOW64\濿㷋b moved successfully.
File C:\Windows\SysWow64\濿㷋b not found.
C:\Windows\SysWOW64\櫦簔“ moved successfully.
========== COMMANDS ==========


User: Adam
->Temp folder emptied: 529264421 bytes
->Temporary Internet Files folder emptied: 294821331 bytes
->Java cache emptied: 691025 bytes
->FireFox cache emptied: 19177007 bytes
->Google Chrome cache emptied: 7794205 bytes
->Flash cache emptied: 98674 bytes

User: All Users

User: Basia
->Temp folder emptied: 454288 bytes
->Temporary Internet Files folder emptied: 1059424 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 18367662 bytes
->Google Chrome cache emptied: 55877475 bytes
->Flash cache emptied: 709 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Desktop

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 35104 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36862938 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78240 bytes
RecycleBin emptied: 1748762927 bytes

Total Files Cleaned = 2 588,00 mb

OTL by OldTimer - Version log created on 04102014_151218

Files\Folders moved on Reboot...
File\Folder C:\Users\Adam\AppData\Local\Temp\etilqs_aruscd78rSHndy5 not found!
File\Folder C:\Users\Adam\AppData\Local\Temp\etilqs_qSG5Wim4lYqQetn not found!
C:\Users\Adam\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Adam\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\a7s3se1d.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\a7s3se1d.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\a7s3se1d.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\a7s3se1d.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\a7s3se1d.default\_CACHE_CLEAN_ moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

And here is the log after cleaning with AdwCleaner:

Quote:
# AdwCleaner v3.023 - Log utworzony 10/04/2014 o 15:40:05
# Aktualizacja 01/04/2014 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : Adam - KOMPUTER-ADAMA
# Ścieżka : C:\Users\Adam\Downloads\adwcleaner.exe
# Opcja : Usuń

***** [ Usługi ] *****

[#] Usługa Usunięto : dealplylive
[#] Usługa Usunięto : dealplylivem

***** [ Pliki / Foldery ] *****

Folder Usunięto : C:\ProgramData\Babylon
Folder Usunięto : C:\ProgramData\boost_interprocess
Folder Usunięto : C:\ProgramData\DealPlyLive
Folder Usunięto : C:\ProgramData\eSafe
Folder Usunięto : C:\ProgramData\Partner
Folder Usunięto : C:\ProgramData\Tarma Installer
Folder Usunięto : C:\Program Files (x86)\DealPly
Folder Usunięto : C:\Program Files (x86)\DealPlyLive
Folder Usunięto : C:\Program Files (x86)\Delta
Folder Usunięto : C:\Program Files (x86)\Trymedia
Folder Usunięto : C:\Users\Adam\Qtrax
Folder Usunięto : C:\Users\Adam\AppData\Local\CrashRpt
Folder Usunięto : C:\Users\Adam\AppData\Local\DealPlyLive
Folder Usunięto : C:\Users\Adam\AppData\LocalLow\Delta
Folder Usunięto : C:\Users\Adam\AppData\Roaming\BabSolution
Folder Usunięto : C:\Users\Adam\AppData\Roaming\Babylon
Folder Usunięto : C:\Users\Adam\AppData\Roaming\DealPly
Folder Usunięto : C:\Users\Adam\AppData\Roaming\Delta
Folder Usunięto : C:\Users\Adam\AppData\Roaming\DSite
Folder Usunięto : C:\Users\Adam\AppData\Roaming\eIntaller
Folder Usunięto : C:\Users\Adam\AppData\Roaming\file scout
Folder Usunięto : C:\Users\Adam\AppData\Roaming\OpenCandy
Folder Usunięto : C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Usunięto : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
Folder Usunięto : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi
Folder Usunięto : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Usunięto : C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Usunięto : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Plik Usunięto : C:\Users\Adam\AppData\Roaming\BabMaint.exe
Plik Usunięto : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\Babylon.xml
Plik Usunięto : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\BrowserProtect.xml
Plik Usunięto : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
Plik Usunięto : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\user.js
Plik Usunięto : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Plik Usunięto : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Plik Usunięto : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Plik Usunięto : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyUpdate
Plik Usunięto : C:\Windows\System32\Tasks\EPUpdater
Plik Usunięto : C:\Windows\System32\Tasks\QtraxPlayer

***** [ Skróty ] *****

Skrót Wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Skrót Wyleczono : C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Rejestr ] *****

Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Klucz Usunięto : HKLM\SOFTWARE\Classes\*\shell\filescout
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klucz Usunięto : HKLM\SOFTWARE\Classes\d
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaappCore
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klucz Usunięto : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Klucz Usunięto : HKCU\Software\e288d1bc3aef44
Klucz Usunięto : HKLM\SOFTWARE\e288d1bc3aef44
Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klucz Usunięto : HKCU\Software\Alexa Internet
Klucz Usunięto : HKCU\Software\BabSolution
Klucz Usunięto : HKCU\Software\BI
Klucz Usunięto : HKCU\Software\DataMngr
[#] Klucz Usunięto : HKCU\Software\DataMngr_Toolbar
Klucz Usunięto : HKCU\Software\DealPly
Klucz Usunięto : HKCU\Software\DealPlyLive
Klucz Usunięto : HKCU\Software\Delta
Klucz Usunięto : HKCU\Software\dsiteproducts
Klucz Usunięto : HKCU\Software\filescout
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\qtrax
Klucz Usunięto : HKCU\Software\WEDLMNGR
Klucz Usunięto : HKLM\Software\Babylon
Klucz Usunięto : HKLM\Software\Conduit
Klucz Usunięto : HKLM\Software\DataMngr
Klucz Usunięto : HKLM\Software\DealPly
Klucz Usunięto : HKLM\Software\DealPlyLive
Klucz Usunięto : HKLM\Software\Delta
Klucz Usunięto : HKLM\Software\eSafeSecControl
Klucz Usunięto : HKLM\Software\qvo6Software
Klucz Usunięto : HKLM\Software\Trymedia Systems
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Klucz Usunięto : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.16518

Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v28.0 (pl)

[ Plik : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\prefs.js ]

Wpis usunięty : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&tt=100313_9111gen&babsrc=HP_ss&mntrId=E4F89C4E364C9A69");
Wpis usunięty : user_pref("avg.install.userSPSettings", "Delta Search");
Wpis usunięty : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=E4F89C4E364C9A69&affID=119357&tt=070813_wt3&tsp=4970");
Wpis usunięty : user_pref("browser.search.order.1", "Delta Search");
Wpis usunięty : user_pref("extensions.delta.admin", false);
Wpis usunięty : user_pref("extensions.delta.aflt", "babsst");
Wpis usunięty : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Wpis usunięty : user_pref("extensions.delta.autoRvrt", "false");
Wpis usunięty : user_pref("extensions.delta.dfltLng", "en");
Wpis usunięty : user_pref("extensions.delta.excTlbr", false);
Wpis usunięty : user_pref("extensions.delta.ffxUnstlRst", true);
Wpis usunięty : user_pref("extensions.delta.id", "e4f886350000000000009c4e364c9a69");
Wpis usunięty : user_pref("extensions.delta.instlDay", "15927");
Wpis usunięty : user_pref("extensions.delta.instlRef", "sst");
Wpis usunięty : user_pref("extensions.delta.newTab", false);
Wpis usunięty : user_pref("extensions.delta.prdct", "delta");
Wpis usunięty : user_pref("extensions.delta.prtnrId", "delta");
Wpis usunięty : user_pref("extensions.delta.rvrt", "false");
Wpis usunięty : user_pref("extensions.delta.smplGrp", "none");
Wpis usunięty : user_pref("extensions.delta.tlbrId", "base");
Wpis usunięty : user_pref("extensions.delta.tlbrSrchUrl", "");
Wpis usunięty : user_pref("extensions.delta.vrsn", "");
Wpis usunięty : user_pref("extensions.delta.vrsnTs", "");
Wpis usunięty : user_pref("extensions.delta.vrsni", "");
Wpis usunięty : user_pref("extensions.delta_i.babExt", "");
Wpis usunięty : user_pref("extensions.delta_i.babTrack", "affID=119357&tt=070813_wt3&tsp=4970");
Wpis usunięty : user_pref("extensions.delta_i.srcExt", "ss");

[ Plik : C:\Users\Basia\AppData\Roaming\Mozilla\Firefox\Profiles\ttz7v4o2.default\prefs.js ]

-\\ Google Chrome v33.0.1750.154

[ Plik : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Usunięto : icon_url
Usunięto : homepage
Usunięto : search_url
Usunięto : keyword

[ Plik : C:\Users\Basia\AppData\Local\Google\Chrome\User Data\Default\preferences ]


AdwCleaner[R0].txt - [23659 octets] - [10/04/2014 15:38:50]
AdwCleaner[S0].txt - [21708 octets] - [10/04/2014 15:40:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21769 octets] ##########
(This post was last modified: 10.04.2014 14:48 by Sido92.)

Post: #12

RE: Non-genuine genuine Windows and a strange problem

OK, nice. As for Avira, do this: install it again, then remove it, but using the free Advanced Uninstaller Pro, which is better than the system uninstaller.

Post: #13

RE: Non-genuine genuine Windows and a strange problem

I did everything you said and noticed a significant improvement; some of the problems have been solved :) Only the trouble with Windows remains: the message about the copy not being genuine has disappeared from the desktop, but a window with that notification still pops up from time to time, and in the computer's properties I still don't see Windows activation, only the text "Niedostępne" (Unavailable). In addition, the same thing as before still appears (if I haven't garbled it): "Program instrumentalizacja Windows przestał działać" (the Windows instrumentation program has stopped working) and a loading bar.

Post: #14

RE: Non-genuine genuine Windows and a strange problem

As for "Program instrumentalizacja Windows przestał działać", show a screenshot of it.
A question: is your system genuine? (You can answer by PM; I don't want the thread to end up in the trash.)
Run a new "OTL" scan and show the new log.

Also use this program and show its report; for now, do not remove anything if something is found:

Ostatni Mohikanin

Post: #15

RE: Non-genuine genuine Windows and a strange problem

Microsoft Genuine Advantage Diagnostic Tool.
It is used to check the activation status as well as information about the system - from the distribution channel, version, build and system identifier to the partial key number, and so on.

Post: #16

RE: Non-genuine genuine Windows and a strange problem

thermalfake, whether Windows is genuine has nothing to do with it. Going by the logs, I can already tell you that the system is genuine, as far as I remember from this thread.

Post: #17

RE: Non-genuine genuine Windows and a strange problem

Quote: A question: is your system genuine? (You can answer by PM; I don't want the thread to end up in the trash.)

Here I see your doubts in the last post, so how does that square with

Quote: Going by the logs, I can already tell you that the system is genuine, as far as I remember from this thread.

I gave one of the methods, and that is how I weed out some offenders. I'm not saying it isn't genuine. With this tool you can check what system it actually is (whether the forum member is telling the truth), the activation status and, where applicable, why activation did not succeed.

Quote: whether Windows is genuine has nothing to do with it

Not to the problem itself, and I agree with that, but I am allergic to pirates. Either we play fair on both sides - I give someone my time for free - or let the lover of other people's property pay for the repair himself. Simple and fair.

