SpeedLoop utworzono 30 listopada 2012 utworzono 30 listopada 2012 Dzisiaj złapałam wyżej wymienionego wirusa. Mój system to Windows 7. Nie mam pojęcia jak to usunąć, błagam o wytłumaczenie mi tego krok po kroku, chcę się tego pozbyć jak najszybciej. OTL: [color=#0000FF][log]OTL logfile created on: 11/30/2012 2:13:21 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ewcia\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.86 Gb Total Physical Memory | 3.11 Gb Available Physical Memory | 80.56% Memory free 7.71 Gb Paging File | 7.02 Gb Available in Paging File | 91.09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 683.54 Gb Total Space | 579.36 Gb Free Space | 84.76% Space Free | Partition Type: NTFS Computer Name: DRAGO | User Name: Ewcia | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012/11/30 02:05:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ewcia\Desktop\OTL.exe PRC - [2012/10/28 10:55:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012/10/28 10:55:45 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2012/10/09 12:53:40 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012/11/30 02:05:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ewcia\Desktop\OTL.exe MOD - [2012/10/28 10:55:45 | 014,676,448 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2012/10/28 10:55:45 | 002,560,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll MOD - [2012/10/28 10:55:45 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012/10/28 10:55:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2012/10/28 10:55:45 | 000,816,608 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll MOD - [2012/10/28 10:55:45 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2012/10/28 10:55:45 | 000,370,656 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2012/10/28 10:55:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll MOD - [2012/10/28 10:55:45 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2012/10/28 10:55:45 | 000,172,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll MOD - [2012/10/28 10:55:45 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2012/10/28 10:55:45 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll MOD - [2012/10/28 10:55:45 | 000,124,384 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll MOD - [2012/10/28 10:55:45 | 000,096,224 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2012/10/28 10:55:45 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll MOD - [2012/10/28 10:55:45 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll MOD - [2012/10/28 10:55:45 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll MOD - [2012/10/28 10:55:45 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll MOD - [2012/10/28 10:55:45 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll MOD - [2012/10/28 10:55:45 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2012/10/28 10:55:45 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll MOD - [2012/10/09 12:53:40 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012/10/09 12:53:40 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe MOD - [2012/10/08 08:48:51 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012/10/08 08:48:03 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012/10/08 08:41:28 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012/08/24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012/08/20 18:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012/08/20 18:37:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012/06/06 08:37:58 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll MOD - [2012/06/06 08:37:58 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll MOD - [2012/06/02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012/06/02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2012/06/02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012/06/02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012/03/03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2012/01/04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011/11/17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010/11/21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010/11/21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010/11/21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010/11/21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010/11/21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010/11/21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010/11/21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010/11/21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010/11/21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010/11/21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010/11/21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010/11/21 04:24:08 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll MOD - [2010/11/21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010/11/21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010/11/21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010/11/21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010/11/21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009/07/14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009/07/14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009/07/14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009/07/14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009/07/14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009/07/14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009/07/14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009/07/14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009/07/14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009/07/14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012/11/08 15:52:31 | 000,711,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012/10/28 10:55:45 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/09 12:53:42 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/09/22 19:16:41 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/06/12 00:52:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/03/14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011/03/02 05:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011/02/15 19:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011/02/01 22:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011/02/01 22:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/09/28 02:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010/09/14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://acer.msn.com"]http://acer.msn.com[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://acer.msn.com"]http://acer.msn.com[/url] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://acer.msn.com"]http://acer.msn.com[/url] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [url="http://acer.msn.com"]http://acer.msn.com[/url] [binary data] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="https://isearch.avg.com/?cid={EAC11728-F058-477A-A27D-52DD3D7A8298}&mid=9f18ef14314047d0bdec6939b27eb68c-f95522695add3ba16214eb54a7544a7f1af684f1&lang=pl&ds=xn011&pr=sa&d=2012-09-15"]https://isearch.avg....sa&d=2012-09-15[/url] 16:27:10&v=12.2.5.34&sap=hp IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/?q={searchTerms}&affID=110819&tt=100512_1_&babsrc=SP_ss&mntrId=326ff50a000000000000ccaf782f4c46"]http://search.babylo...000ccaf782f4c46[/url] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{38411B77-9637-44E0-82C3-A479854B07B9}: "URL" = [url="http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}"]http://start.funmood...q={searchTerms}[/url] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="https://isearch.avg.com/search?cid={EAC11728-F058-477A-A27D-52DD3D7A8298}&mid=9f18ef14314047d0bdec6939b27eb68c-f95522695add3ba16214eb54a7544a7f1af684f1&lang=pl&ds=xn011&pr=sa&d=2012-09-15"]https://isearch.avg....sa&d=2012-09-15[/url] 16:27:10&v=12.2.5.34&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [url="http://www.daemon-search.com/search?q={searchTerms}"]http://www.daemon-se...q={searchTerms}[/url] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = [url="http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8xgJMY9N&i=26"]http://mystart.incre...6R8xgJMY9N&i=26[/url] IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.wp.pl/" FF - prefs.js..extensions.enabledAddons: IplextoALL@ALLPlayer.org:0.7.0 FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.485 FF - prefs.js..extensions.enabledAddons: YouTubetoALL@ALLPlayer.org:0.8.2 FF - prefs.js..keyword.URL: "http://google.pl" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/09/15 11:23:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/08 15:52:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 10:55:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/28 10:55:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 10:55:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/28 10:55:43 | 000,000,000 | ---D | M] [2012/03/04 17:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Extensions [2012/11/28 20:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Firefox\Profiles\htinnq2b.default\extensions [2012/11/07 00:49:29 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Firefox\Profiles\htinnq2b.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} [2012/10/26 13:53:09 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Firefox\Profiles\htinnq2b.default\extensions\IplextoALL@ALLPlayer.org [2012/05/17 02:36:40 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Firefox\Profiles\htinnq2b.default\extensions\plugin@yontoo.com [2012/11/04 13:39:34 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Ewcia\AppData\Roaming\mozilla\Firefox\Profiles\htinnq2b.default\extensions\YouTubetoALL@ALLPlayer.org [2012/07/15 23:56:33 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Ewcia\AppData\Roaming\mozilla\firefox\profiles\htinnq2b.default\extensions\IplextoALL@ALLPlayer.org.xpi [2012/10/26 22:35:19 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Ewcia\AppData\Roaming\mozilla\firefox\profiles\htinnq2b.default\extensions\YouTubetoALL@ALLPlayer.org.xpi [2012/04/08 23:03:47 | 000,001,800 | ---- | M] () -- C:\Users\Ewcia\AppData\Roaming\mozilla\firefox\profiles\htinnq2b.default\searchplugins\funmoods.xml [2012/06/27 13:32:28 | 000,002,203 | ---- | M] () -- C:\Users\Ewcia\AppData\Roaming\mozilla\firefox\profiles\htinnq2b.default\searchplugins\MyStart Search.xml [2012/10/28 10:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/09/15 11:23:26 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/10/28 10:55:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/08/30 17:06:34 | 000,120,984 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2012/06/28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012/02/16 12:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012/11/08 15:52:33 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/05/17 02:36:50 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012/02/16 12:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012/02/16 12:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012/02/16 12:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012/02/16 12:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012/02/16 12:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Pomocnik logowania za pomocą identyfikatora Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (ADDICT-THING Class) - {A11B6A6B-805A-B767-D849-B54E4374C90C} - C:\ProgramData\ADDICT-THING\bhoclass.dll () O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe () O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLCinema) O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\Run: [CTSTray] C:\Program Files (x86)\CTS\Tray\CTSTray.exe () O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\RunOnce: [32740BEA2035F50A00003273D979F8BC] C:\ProgramData\32740BEA2035F50A00003273D979F8BC\32740BEA2035F50A00003273D979F8BC.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 10.5.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1433A20A-A973-4AA4-AF01-EA2C06C82C35}: DhcpNameServer = 192.168.1.250 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{832B4AC7-740D-4BD0-8510-1A9ED43D237B}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/10/30 15:56:49 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ] O32 - AutoRun File - [2007/10/30 15:56:57 | 000,870,400 | ---- | M] () - C:\autorun.dat -- [ NTFS ] O32 - AutoRun File - [2007/10/30 15:56:41 | 000,000,160 | ---- | M] () - C:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{30433ede-dc4e-11e0-874a-ccaf782f4c46}\Shell - "" = AutoRun O33 - MountPoints2\{30433ede-dc4e-11e0-874a-ccaf782f4c46}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MCODS - Reg Error: Value error. SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinFLAdrv.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: MCODS - Reg Error: Value error. SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012/11/30 02:05:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ewcia\Desktop\OTL.exe [2012/11/30 01:17:14 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection [2012/11/30 01:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\32740BEA2035F50A00003273D979F8BC [2012/11/26 15:55:19 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Roaming\Apple Computer [2012/11/25 16:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012/11/25 16:18:02 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Local\Apple [2012/11/25 16:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/11/25 16:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012/11/18 16:41:42 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\The Killers - Day & Age [2012/11/13 00:04:05 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\Matchbox Twenty - More Than You Think You Are [2012/11/13 00:02:58 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\Mat Kearney - Young Love (2011) [2012/11/12 00:35:41 | 000,000,000 | --SD | C] -- C:\Users\Ewcia\GG dysk [2012/11/12 00:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\GG [2012/11/12 00:33:12 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Roaming\GG [2012/11/12 00:33:11 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Local\GG [2012/11/04 13:11:31 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Local\{AFF003D1-7507-4D46-AE2D-E9DEEA508C4A} [2012/11/03 20:45:18 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\Pokahontaz - Rekontakt [2012/11/03 12:21:15 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\Theory Of A Deadman - The Truth Is... (2011) [2012/10/29 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\ewciowe [2012/10/28 10:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/10/27 18:46:52 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\czworokąty [2012/10/26 13:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader [2012/10/26 13:52:39 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Local\Programs [2012/10/12 17:45:12 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\Desktop\chemia [2012/10/08 19:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012/10/08 19:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2012/10/08 19:00:06 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012/10/08 18:59:52 | 000,000,000 | ---D | C] -- C:\Users\Ewcia\AppData\Roaming\Winamp [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012/11/30 02:05:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ewcia\Desktop\OTL.exe [2012/11/30 01:45:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/11/30 01:45:18 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys [2012/11/30 01:39:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/11/30 01:38:37 | 000,872,837 | ---- | M] () -- C:\Users\Ewcia\Desktop\Wirus-System-Progressive-Protection-InstrukcjaUsuwania.pdf [2012/11/30 01:19:46 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/11/30 01:17:14 | 000,002,068 | ---- | M] () -- C:\Users\Ewcia\Desktop\System Progressive Protection.lnk [2012/11/30 00:49:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/11/28 20:42:28 | 000,000,071 | ---- | M] () -- C:\Users\Ewcia\Desktop\www.NewAlbumReleases.net_Olly_Murs_-_Right_Place_Right_Time_CD2_(2012).rar [2012/11/28 18:23:45 | 098,129,072 | ---- | M] () -- C:\Users\Ewcia\Desktop\www.NewAlbumReleases.net_Olly Murs - Right Place Right Time CD1 (2012).rar [2012/11/27 20:20:26 | 018,039,153 | ---- | M] () -- C:\Users\Ewcia\Desktop\Amelia Lily - You Bring Me Joy (Acoustic).mp4 [2012/11/23 11:03:16 | 001,645,973 | ---- | M] () -- C:\Users\Ewcia\Desktop\Przedwiośnie.pdf [2012/11/19 16:29:59 | 000,024,576 | -H-- | M] () -- C:\Users\Ewcia\Desktop\photothumb.db [2012/11/19 16:29:33 | 003,432,178 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Bad Blood.mp3 [2012/11/16 01:02:08 | 006,186,642 | ---- | M] () -- C:\Users\Ewcia\Desktop\The Killers - When you were young.mp3 [2012/11/16 01:01:41 | 004,933,278 | ---- | M] () -- C:\Users\Ewcia\Desktop\The Killers - Somebody Told Me.mp3 [2012/11/16 00:47:37 | 004,159,019 | ---- | M] () -- C:\Users\Ewcia\Desktop\Brandon Flowers - Only The Young.mp3 [2012/11/12 22:54:19 | 004,284,021 | ---- | M] () -- C:\Users\Ewcia\Desktop\Tyrone Wells - Sink Or Swim.mp3 [2012/11/12 22:48:42 | 006,959,027 | ---- | M] () -- C:\Users\Ewcia\Desktop\Tyrone Wells - More.mp3 [2012/11/12 22:32:23 | 009,963,561 | ---- | M] () -- C:\Users\Ewcia\Desktop\Daughter - Youth.mp3 [2012/11/12 00:35:42 | 000,001,582 | ---- | M] () -- C:\Users\Ewcia\Desktop\GG dysk.lnk [2012/11/12 00:33:54 | 000,000,178 | ---- | M] () -- C:\Windows\wininit.ini [2012/11/12 00:33:20 | 000,001,103 | ---- | M] () -- C:\Users\Ewcia\Desktop\GG.lnk [2012/11/07 22:18:26 | 009,306,358 | ---- | M] () -- C:\Users\Ewcia\Desktop\The Script - Six Degrees Of Separation.mp3 [2012/11/04 13:39:34 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk [2012/11/02 22:30:14 | 003,182,424 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Icarus.mp3 [2012/11/02 22:05:26 | 008,803,959 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Pompeii.mp3 [2012/11/01 18:39:24 | 008,760,519 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Of the Night.mp3 [2012/10/30 14:07:30 | 003,524,180 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Flaws.mp3 [2012/10/30 12:40:19 | 003,280,119 | ---- | M] () -- C:\Users\Ewcia\Desktop\Bastille - Overjoyed.mp3 [2012/10/28 20:07:33 | 001,030,675 | ---- | M] () -- C:\Users\Ewcia\Desktop\WP_000080.jpg [2012/10/28 19:03:01 | 006,220,467 | ---- | M] () -- C:\Users\Ewcia\Desktop\Matt Cardle - Starlight.mp3 [2012/10/28 18:35:14 | 004,643,523 | ---- | M] () -- C:\Users\Ewcia\Desktop\Olly Murs feat. Flo Rida - Troublemaker.mp3 [2012/10/26 13:53:14 | 000,001,023 | ---- | M] () -- C:\Users\Ewcia\Desktop\ALLPlayer.lnk [2012/10/25 20:19:52 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2012/10/08 19:00:09 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk [2012/10/04 19:10:05 | 000,125,263 | ---- | M] () -- C:\Users\Ewcia\Desktop\chem1.jpg [2012/10/04 19:09:40 | 000,192,099 | ---- | M] () -- C:\Users\Ewcia\Desktop\chem2.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/11/30 01:38:37 | 000,872,837 | ---- | C] () -- C:\Users\Ewcia\Desktop\Wirus-System-Progressive-Protection-InstrukcjaUsuwania.pdf [2012/11/30 01:17:14 | 000,002,068 | ---- | C] () -- C:\Users\Ewcia\Desktop\System Progressive Protection.lnk [2012/11/28 20:42:19 | 000,000,071 | ---- | C] () -- C:\Users\Ewcia\Desktop\www.NewAlbumReleases.net_Olly_Murs_-_Right_Place_Right_Time_CD2_(2012).rar [2012/11/28 18:00:52 | 098,129,072 | ---- | C] () -- C:\Users\Ewcia\Desktop\www.NewAlbumReleases.net_Olly Murs - Right Place Right Time CD1 (2012).rar [2012/11/27 20:14:44 | 018,039,153 | ---- | C] () -- C:\Users\Ewcia\Desktop\Amelia Lily - You Bring Me Joy (Acoustic).mp4 [2012/11/25 16:18:01 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/11/23 11:03:05 | 001,645,973 | ---- | C] () -- C:\Users\Ewcia\Desktop\Przedwiośnie.pdf [2012/11/16 00:58:35 | 006,186,642 | ---- | C] () -- C:\Users\Ewcia\Desktop\The Killers - When you were young.mp3 [2012/11/16 00:53:23 | 004,933,278 | ---- | C] () -- C:\Users\Ewcia\Desktop\The Killers - Somebody Told Me.mp3 [2012/11/16 00:43:40 | 004,159,019 | ---- | C] () -- C:\Users\Ewcia\Desktop\Brandon Flowers - Only The Young.mp3 [2012/11/12 22:49:08 | 004,284,021 | ---- | C] () -- C:\Users\Ewcia\Desktop\Tyrone Wells - Sink Or Swim.mp3 [2012/11/12 22:43:10 | 006,959,027 | ---- | C] () -- C:\Users\Ewcia\Desktop\Tyrone Wells - More.mp3 [2012/11/12 22:26:33 | 009,963,561 | ---- | C] () -- C:\Users\Ewcia\Desktop\Daughter - Youth.mp3 [2012/11/12 00:35:42 | 000,001,582 | ---- | C] () -- C:\Users\Ewcia\Desktop\GG dysk.lnk [2012/11/12 00:33:20 | 000,001,103 | ---- | C] () -- C:\Users\Ewcia\Desktop\GG.lnk [2012/11/12 00:33:12 | 000,001,111 | ---- | C] () -- C:\Users\Ewcia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk [2012/11/07 22:13:37 | 009,306,358 | ---- | C] () -- C:\Users\Ewcia\Desktop\The Script - Six Degrees Of Separation.mp3 [2012/11/04 13:39:34 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk [2012/11/02 22:21:39 | 003,182,424 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Icarus.mp3 [2012/11/02 21:54:40 | 008,803,959 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Pompeii.mp3 [2012/11/01 18:35:21 | 008,760,519 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Of the Night.mp3 [2012/10/30 13:13:53 | 003,524,180 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Flaws.mp3 [2012/10/30 13:08:03 | 003,432,178 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Bad Blood.mp3 [2012/10/30 12:37:40 | 003,280,119 | ---- | C] () -- C:\Users\Ewcia\Desktop\Bastille - Overjoyed.mp3 [2012/10/28 20:06:20 | 001,030,675 | ---- | C] () -- C:\Users\Ewcia\Desktop\WP_000080.jpg [2012/10/28 18:36:50 | 006,220,467 | ---- | C] () -- C:\Users\Ewcia\Desktop\Matt Cardle - Starlight.mp3 [2012/10/28 18:33:49 | 004,643,523 | ---- | C] () -- C:\Users\Ewcia\Desktop\Olly Murs feat. Flo Rida - Troublemaker.mp3 [2012/10/08 19:00:09 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk [2012/10/04 19:10:05 | 000,125,263 | ---- | C] () -- C:\Users\Ewcia\Desktop\chem1.jpg [2012/10/04 19:09:40 | 000,192,099 | ---- | C] () -- C:\Users\Ewcia\Desktop\chem2.jpg [2012/09/23 17:17:49 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012/09/23 17:17:49 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2012/07/13 14:56:44 | 000,000,048 | ---- | C] () -- C:\Users\Ewcia\AppData\Local\DRAGO.cfg [2012/06/15 16:24:19 | 000,007,605 | ---- | C] () -- C:\Users\Ewcia\AppData\Local\Resmon.ResmonCfg [2012/03/09 19:41:13 | 000,000,178 | ---- | C] () -- C:\Windows\wininit.ini [2011/11/17 17:09:15 | 000,000,700 | -HS- | C] () -- C:\Users\Ewcia\AppData\Local\systemFL7.$dk [2011/11/04 20:57:18 | 000,000,163 | ---- | C] () -- C:\Windows\disney.ini [2011/09/22 19:16:42 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/09/22 19:16:34 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/09/11 19:35:11 | 001,575,678 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/04/06 12:14:44 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/04/06 12:14:42 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/04/06 12:14:39 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/04/06 11:36:23 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2011/10/15 14:57:47 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\.wtw [2012/05/17 02:36:22 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Babylon [2012/05/19 14:05:05 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\BitTorrent [2012/06/20 06:49:33 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\DAEMON Tools Lite [2012/10/28 14:38:10 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Gadu-Gadu 10 [2012/02/03 23:12:20 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\GanymedeNet [2012/11/29 23:37:06 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\GG [2012/07/22 15:43:55 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\ipla [2011/09/22 19:09:52 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Leadertech [2012/11/21 20:46:14 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Mp3tag [2012/06/09 22:24:39 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Need for Speed World [2011/09/29 15:21:47 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\OpenFM [2012/10/30 11:51:14 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\PhotoScape [2012/11/28 23:21:17 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\SoftGrid Client [2012/04/08 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\SumatraPDF [2011/09/11 19:35:40 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\TP [2011/09/11 09:45:03 | 000,000,000 | ---D | M] -- C:\Users\Ewcia\AppData\Roaming\Windows Live Writer [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2007/10/30 15:56:57 | 000,870,400 | ---- | M] () -- C:\autorun.dat [2007/10/30 15:56:41 | 000,000,160 | ---- | M] () -- C:\autorun.inf [2011/04/06 12:19:11 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2007/10/24 19:50:40 | 000,000,258 | ---- | M] () -- C:\dat.bin [2007/10/30 15:50:49 | 000,695,735 | ---- | M] () -- C:\Group0.cab [2007/10/30 15:51:43 | 000,000,036 | ---- | M] () -- C:\Group1.cab [2007/10/30 15:51:42 | 075,464,468 | ---- | M] () -- C:\Group10.cab [2007/10/30 15:50:15 | 006,458,669 | ---- | M] () -- C:\Group11.cab [2007/10/30 15:52:25 | 111,469,457 | ---- | M] () -- C:\Group110.cab [2007/10/30 15:52:27 | 004,353,168 | ---- | M] () -- C:\Group111.cab [2007/10/30 15:50:15 | 000,536,982 | ---- | M] () -- C:\Group112.cab [2007/10/30 15:50:49 | 000,001,295 | ---- | M] () -- C:\Group113.cab [2007/10/30 15:52:27 | 000,944,116 | ---- | M] () -- C:\Group114.cab [2007/10/30 15:50:15 | 000,000,676 | ---- | M] () -- C:\Group12.cab [2007/10/30 15:49:38 | 002,757,228 | ---- | M] () -- C:\Group13.cab [2007/10/30 15:51:42 | 000,014,750 | ---- | M] () -- C:\Group134.cab [2007/10/30 15:49:52 | 006,940,334 | ---- | M] () -- C:\Group135.cab [2007/10/30 15:54:56 | 010,776,597 | ---- | M] () -- C:\Group136.cab [2007/10/30 15:50:05 | 000,351,200 | ---- | M] () -- C:\Group137.cab [2007/10/30 15:55:00 | 000,000,036 | ---- | M] () -- C:\Group138.cab [2007/10/30 15:52:25 | 000,001,602 | ---- | M] () -- C:\Group139.cab [2007/10/30 15:49:48 | 033,546,010 | ---- | M] () -- C:\Group14.cab [2007/10/30 15:51:43 | 002,351,637 | ---- | M] () -- C:\Group15.cab [2007/10/30 15:55:00 | 006,844,737 | ---- | M] () -- C:\Group151.cab [2007/10/30 15:55:32 | 003,678,484 | ---- | M] () -- C:\Group152.cab [2007/10/30 15:50:05 | 035,899,970 | ---- | M] () -- C:\Group153.cab [2007/10/30 15:51:43 | 000,019,665 | ---- | M] () -- C:\Group16.cab [2007/10/30 15:50:07 | 000,566,461 | ---- | M] () -- C:\Group17.cab [2007/10/30 15:55:38 | 140,458,424 | ---- | M] () -- C:\Group18.cab [2007/10/30 15:50:49 | 000,000,036 | ---- | M] () -- C:\Group19.cab [2007/10/30 15:50:49 | 093,422,941 | ---- | M] () -- C:\Group2.cab [2007/10/30 15:54:50 | 201,398,784 | ---- | M] () -- C:\Group20.cab [2007/10/30 15:52:27 | 000,000,036 | ---- | M] () -- C:\Group21.cab [2007/10/30 15:55:29 | 036,466,538 | ---- | M] () -- C:\Group3.cab [2007/10/30 15:52:27 | 000,002,767 | ---- | M] () -- C:\Group4.cab [2007/10/30 15:50:09 | 003,526,886 | ---- | M] () -- C:\Group5.cab [2007/10/30 15:51:15 | 030,187,042 | ---- | M] () -- C:\Group6.cab [2007/10/30 15:49:37 | 002,741,922 | ---- | M] () -- C:\Group7.cab [2007/10/30 15:54:51 | 000,005,093 | ---- | M] () -- C:\Group8.cab [2007/10/30 15:51:43 | 000,024,202 | ---- | M] () -- C:\Group9.cab [2012/11/30 01:45:18 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys [2007/10/24 19:49:21 | 000,001,869 | ---- | M] () -- C:\microsoft.vc80.crt.manifest [2011/10/10 21:07:37 | 000,007,532 | ---- | M] () -- C:\mksbasel.cpp.log [2007/10/30 15:56:54 | 000,484,616 | ---- | M] (Microsoft Corporation) -- C:\msvcm80.dll [2007/10/30 15:56:55 | 001,021,192 | ---- | M] (Microsoft Corporation) -- C:\msvcm80d.dll [2007/10/30 15:56:55 | 000,505,096 | ---- | M] (Microsoft Corporation) -- C:\msvcp71.dll [2007/10/30 15:56:55 | 000,554,248 | ---- | M] (Microsoft Corporation) -- C:\msvcp80.dll [2007/10/30 15:56:55 | 001,041,672 | ---- | M] (Microsoft Corporation) -- C:\msvcp80d.dll [2007/10/30 15:56:55 | 000,353,544 | ---- | M] (Microsoft Corporation) -- C:\msvcr71.dll [2007/10/30 15:56:56 | 000,632,072 | ---- | M] (Microsoft Corporation) -- C:\msvcr80.dll [2007/10/30 15:56:56 | 001,180,936 | ---- | M] (Microsoft Corporation) -- C:\msvcr80d.dll [2012/11/30 01:45:22 | 4139,630,592 | -HS- | M] () -- C:\pagefile.sys [2007/10/24 19:50:41 | 000,001,462 | ---- | M] () -- C:\server.cfg [2007/10/30 15:56:56 | 000,386,312 | ---- | M] () -- C:\server.dll [2012/03/15 16:12:44 | 000,000,510 | ---- | M] () -- C:\settings.ini [2012/06/27 13:33:24 | 000,000,753 | ---- | M] () -- C:\user.js [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010/12/29 11:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys [2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2010/12/29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C46995DA @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1D6686D8 < End of report > [/log][/color] [log]OTL Extras logfile created on: 11/30/2012 2:13:21 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ewcia\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.86 Gb Total Physical Memory | 3.11 Gb Available Physical Memory | 80.56% Memory free 7.71 Gb Paging File | 7.02 Gb Available in Paging File | 91.09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 683.54 Gb Total Space | 579.36 Gb Free Space | 84.76% Space Free | Partition Type: NTFS Computer Name: DRAGO | User Name: Ewcia | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AE42090-1594-4F40-B2F5-FBFDC31D46B6}" = rport=10243 | protocol=6 | dir=out | app=system | "{189F0803-FB2B-44A3-A5F6-4079C9D98A59}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2B586A3F-CADE-407B-BDBE-C7E131B6B38E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4E30E24E-FD44-40AF-8FF0-3B036A78C554}" = lport=2869 | protocol=6 | dir=in | app=system | "{679D0E78-EB3A-4A48-A9D9-68288D28A07A}" = lport=10243 | protocol=6 | dir=in | app=system | "{A0BE558E-616C-4229-BB74-4F7BC3821DF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{AD8A6F6E-A646-42D5-A2FD-61A6F9CF7DD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{B58DB50A-4EC0-47F8-9743-63A67622DC0C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{BC045A24-DC33-4008-911D-50F251E5EBDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BC656C19-69AA-42B5-A68F-47B0CF93CEBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CC1B1BF1-3471-4D01-B749-F284D6B4F15B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ECA91AD4-5848-42AD-A273-212F854E93DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04BF5F16-3FCC-4E90-A5DD-BE34CA811467}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1208FE34-1FAC-4ECC-8E50-146B0A69EB2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2B9CF7D8-C987-42D6-A0BD-6954CA361EAA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{2F2A06AB-C637-4740-B8CB-00D805E95C73}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{43571913-0B83-4965-83A5-40934C0C4E80}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{51BFB55C-BB17-485F-90B4-0746B224975B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{51ED9016-AC3E-4FA7-9469-F7F867919F37}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5ADF8C3A-2D31-426B-9A83-3DB1FF7F8F36}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{6E7F0282-320B-4A28-912C-2063B3B942AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{7237EEDA-E724-43D3-B197-95CE4B31B91F}" = protocol=17 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{7E2323E4-D43E-4855-A140-D8854865DE80}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7E7D56D8-7BBB-4359-A6A3-27BDA14DE271}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{7FB988F3-3930-4D42-9C07-998CE38A5B02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{88B4CC7B-6A07-40C6-8C92-0CE6569C79AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8B07DFE1-4226-41B8-A96B-F8E0FA3C3FC2}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{8CEF9D5F-5139-4697-BBF8-0F1EBB8E6F16}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{98C95F2E-08F3-4613-A800-02877656B27F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9BA32027-323E-4C14-BA70-CBB78AB391D2}" = protocol=6 | dir=in | app=c:\program files\k2t\wtw\wtw.exe | "{A5874262-BEF4-4337-90C4-CA85CCC9C739}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B8039D11-B402-4F84-8260-506FBC294650}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BD3A61B0-F837-429D-A03C-1537CD16188D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{C1172321-F250-4DAD-A7F6-F800FD7157B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CD25DBA1-3BAD-46EC-9CF2-C86677228B02}" = protocol=6 | dir=out | app=system | "{DA3FA338-2E5D-4CFE-B0FF-AA5E4E8D65A3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{E7B52B9C-EEFF-4323-9180-B5BEEA1A120B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F21F38D6-54BC-4E6C-9F43-A61E0A1323B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{2D77F408-E531-4DF6-967E-01F7AE239BEE}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "TCP Query User{4FA961DB-520D-4E85-9404-A15F0A9C3163}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{7C607316-CFFC-4F17-BC82-0B4D2977DA74}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "TCP Query User{C75E5208-B97C-47C0-BB09-43FDE04BCA7C}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{2BE8314A-C6A0-4E42-A3CE-FBCEEB517E6F}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "UDP Query User{4B3A1B4A-AB7A-4BB8-A37A-D60D0838AE41}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{52151A8C-9463-4536-AD51-E3D875CA16B3}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "UDP Query User{A5204BE4-B0EB-4F1A-B09F-C28F78B311F8}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker "{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java™ 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項 "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71277DC4-4217-462A-9FF4-62D7815B2C69}" = ADDICT-THING "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{76C064E2-BB99-4453-8FDA-42BC01AD0734}" = Control ActiveX del Windows Live Mesh per a connexions remotes "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7BA6DF02-B094-45D7-A3C9-BE3684253922}" = Urruneko konexioetarako Windows Live Mesh ActiveX kontrola "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources "{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0415-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D589CCA3-6B56-4237-8ED2-512152B97699}" = LG Android Drivers "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers "{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALL YouTube Downloader_is1" = ALL YouTube Downloader "ALLPlayer_is1" = ALLPlayer V5.X "AVG Secure Search" = AVG Security Toolbar "DAEMON Tools Lite" = DAEMON Tools Lite "DealPly" = DealPly "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Identity Card" = Identity Card "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "LastFM_is1" = Last.fm 1.5.4.27091 "LG PC Suite IV" = LG PC Suite IV "LManager" = Launch Manager "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.53 "Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010 "PhotoScape" = PhotoScape "SkanerOnline" = mks_vir - online scanner "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-115354594-1442461755-3382605649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 7/14/2012 5:07:13 PM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/14/2012 7:06:55 PM | Computer Name = DRAGO | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: FlashPlayerPlugin_11_3_300_265.exe, wersja: 11.3.300.265, sygnatura czasowa: 0x4febd5ac Nazwa modułu powodującego błąd: NPSWF32_11_3_300_265.dll, wersja: 11.3.300.265, sygnatura czasowa: 0x4febd798 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002e1f6 Identyfikator procesu powodującego błąd: 0x1078 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6205776bb1f5 Ścieżka aplikacji powodującej błąd: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll Identyfikator raportu: 9ac98e78-ce08-11e1-970f-b870f49a5f7f Error - 7/15/2012 5:02:11 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 7:53:15 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 8:03:56 AM | Computer Name = DRAGO | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Nie można zamknąć aplikacji lub usługi Windows Search. Error - 7/15/2012 8:09:54 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 8:15:13 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 8:20:20 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 8:23:40 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = Error - 7/15/2012 8:59:30 AM | Computer Name = DRAGO | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 11/29/2012 8:21:53 PM | Computer Name = DRAGO | Source = DCOM | ID = 10010 Description = Error - 11/29/2012 8:22:18 PM | Computer Name = DRAGO | Source = DCOM | ID = 10010 Description = Error - 11/29/2012 8:40:09 PM | Computer Name = DRAGO | Source = DCOM | ID = 10010 Description = Error - 11/29/2012 8:45:14 PM | Computer Name = DRAGO | Source = sptd | ID = 262148 Description = Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error - 11/29/2012 8:45:28 PM | Computer Name = DRAGO | Source = Service Control Manager | ID = 7001 Description = Usługa Client Virtualization Handler zależy od usługi Application Virtualization Client, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 11/29/2012 8:45:29 PM | Computer Name = DRAGO | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk spldr sptd Wanarpv6 Error - 11/29/2012 8:45:34 PM | Computer Name = DRAGO | Source = DCOM | ID = 10005 Description = Error - 11/29/2012 8:45:39 PM | Computer Name = DRAGO | Source = DCOM | ID = 10005 Description = Error - 11/29/2012 8:45:43 PM | Computer Name = DRAGO | Source = DCOM | ID = 10005 Description = Error - 11/29/2012 8:45:43 PM | Computer Name = DRAGO | Source = DCOM | ID = 10005 Description = < End of report > [/log] RSIT: [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Ewcia at 2012-11-30 02:31:59 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 593 GB (85%) free of 700 GB Total RAM: 3948 MB (76% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 02:32:19, on 2012-11-30 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Users\Ewcia\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Ewcia.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://acer.msn.com"]http://acer.msn.com[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="https://isearch.avg.com/?cid={EAC11728-F058-477A-A27D-52DD3D7A8298}&mid=9f18ef14314047d0bdec6939b27eb68c-f95522695add3ba16214eb54a7544a7f1af684f1&lang=pl&ds=xn011&pr=sa&d=2012-09-15"]https://isearch.avg....sa&d=2012-09-15[/url] 16:27:10&v=12.2.5.34&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://acer.msn.com"]http://acer.msn.com[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://acer.msn.com"]http://acer.msn.com[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O2 - BHO: ADDICT-THING - {A11B6A6B-805A-B767-D849-B54E4374C90C} - C:\ProgramData\ADDICT-THING\bhoclass.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [CTSTray] C:\Program Files (x86)\CTS\Tray\CTSTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKCU\..\RunOnce: [32740BEA2035F50A00003273D979F8BC] C:\ProgramData\32740BEA2035F50A00003273D979F8BC\32740BEA2035F50A00003273D979F8BC.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12952 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Ewcia\AppData\Roaming\Mozilla\Firefox\Profiles\htinnq2b.default prefs.js - "browser.startup.homepage" - "http://www.wp.pl/" prefs.js - "keyword.URL" - "http://google.pl" "{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox "avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.4.402.287 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0] "Description"=npganymedenet "Path"=C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\plugins\ npganymedenet.dll npganymedenet.xpt nppdf32.dll npwachk.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml avg-secure-search.xml babylon.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\Ewcia\AppData\Roaming\Mozilla\Firefox\Profiles\htinnq2b.default\extensions\ IplextoALL@ALLPlayer.org plugin@yontoo.com YouTubetoALL@ALLPlayer.org {88c7f2aa-f93f-432c-8f0e-b7d85967a527} C:\Users\Ewcia\AppData\Roaming\Mozilla\Firefox\Profiles\htinnq2b.default\searchplugins\ funmoods.xml MyStart Search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-09-03 167256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61DB16C5-B733-43F4-872E-B20DC9E72740}] ALLYouTubeDownloader - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL [2012-10-07 1180672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-07-14 453104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-08 1796552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A11B6A6B-805A-B767-D849-B54E4374C90C}] ADDICT-THING Class - C:\ProgramData\ADDICT-THING\bhoclass.dll [2012-10-28 140800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] DealPly - C:\Program Files (x86)\DealPly\DealPlyIE.dll [2012-02-26 83048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-07-14 157680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}] IplexToALLPlayer - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-01-19 194848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-08 1796552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-09-14 283160] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584] "BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-02-15 297280] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424] "Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712] "WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-11-08 997320] "ROC_ROC_NT"=C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe [2012-09-15 856160] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent [] "CTSTray"=C:\Program Files (x86)\CTS\Tray\CTSTray.exe [2011-06-07 99840] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872] "ALLUpdate"=C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2012-10-08 2991616] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "32740BEA2035F50A00003273D979F8BC"=C:\ProgramData\32740BEA2035F50A00003273D979F8BC\32740BEA2035F50A00003273D979F8BC [2012-11-30 2960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=l3codecp.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.l3codecp"=l3codecp.acm "msacm.siren"=sirenacm.dll "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-11-30 02:32:00 ----D---- C:\Program Files (x86)\trend micro 2012-11-30 02:31:59 ----D---- C:\rsit 2012-11-30 01:45:19 ----A---- C:\Windows\ntbtlog.txt 2012-11-30 01:14:22 ----D---- C:\ProgramData\32740BEA2035F50A00003273D979F8BC 2012-11-26 15:55:19 ----D---- C:\Users\Ewcia\AppData\Roaming\Apple Computer 2012-11-25 16:18:08 ----D---- C:\Program Files (x86)\Common Files\Apple 2012-11-25 16:18:01 ----D---- C:\ProgramData\Apple 2012-11-25 16:18:01 ----D---- C:\Program Files (x86)\Apple Software Update 2012-11-16 10:07:23 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2012-11-16 10:07:22 ----A---- C:\Windows\SysWOW64\vbscript.dll 2012-11-16 10:07:22 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2012-11-16 10:07:22 ----A---- C:\Windows\SysWOW64\ieui.dll 2012-11-16 10:07:21 ----A---- C:\Windows\SysWOW64\urlmon.dll 2012-11-16 10:07:21 ----A---- C:\Windows\SysWOW64\url.dll 2012-11-16 10:07:20 ----A---- C:\Windows\SysWOW64\wininet.dll 2012-11-16 10:07:20 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2012-11-16 10:07:19 ----A---- C:\Windows\SysWOW64\jscript9.dll 2012-11-16 10:07:19 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-11-16 10:07:18 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2012-11-16 10:07:18 ----A---- C:\Windows\SysWOW64\iertutil.dll 2012-11-16 10:07:17 ----A---- C:\Windows\SysWOW64\mshtml.dll 2012-11-16 10:07:14 ----A---- C:\Windows\SysWOW64\ieframe.dll 2012-11-16 00:57:56 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll 2012-11-16 00:57:56 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll 2012-11-16 00:57:52 ----A---- C:\Windows\SysWOW64\ncsi.dll 2012-11-16 00:57:51 ----A---- C:\Windows\SysWOW64\nlaapi.dll 2012-11-16 00:57:51 ----A---- C:\Windows\SysWOW64\netevent.dll 2012-11-16 00:57:51 ----A---- C:\Windows\SysWOW64\netcorehc.dll 2012-11-16 00:36:58 ----A---- C:\Windows\SysWOW64\synceng.dll 2012-11-12 00:33:48 ----D---- C:\ProgramData\GG 2012-11-12 00:33:12 ----D---- C:\Users\Ewcia\AppData\Roaming\GG 2012-11-04 13:05:11 ----A---- C:\Windows\SysWOW64\wlidcli.dll ======List of files/folders modified in the last 1 month====== 2012-11-30 02:32:02 ----D---- C:\Windows\Temp 2012-11-30 02:32:00 ----RD---- C:\Program Files (x86) 2012-11-30 01:45:19 ----D---- C:\Windows 2012-11-30 01:41:56 ----A---- C:\Windows\SysWOW64\log.txt 2012-11-30 01:30:44 ----D---- C:\Windows\Prefetch 2012-11-30 01:14:22 ----HD---- C:\ProgramData 2012-11-30 00:04:30 ----D---- C:\Program Files (x86)\DealPly 2012-11-29 23:31:13 ----D---- C:\Windows\rescache 2012-11-29 23:22:52 ----SHD---- C:\System Volume Information 2012-11-29 14:43:20 ----D---- C:\Windows\winsxs 2012-11-29 14:43:14 ----D---- C:\Windows\AppPatch 2012-11-28 23:21:17 ----D---- C:\Users\Ewcia\AppData\Roaming\SoftGrid Client 2012-11-28 20:49:01 ----D---- C:\Users\Ewcia\AppData\Roaming\Winamp 2012-11-25 16:18:45 ----SHD---- C:\Windows\Installer 2012-11-25 16:18:14 ----SHD---- C:\Config.Msi 2012-11-25 16:18:08 ----D---- C:\Program Files (x86)\Common Files 2012-11-21 20:46:14 ----D---- C:\Users\Ewcia\AppData\Roaming\Mp3tag 2012-11-17 13:30:21 ----D---- C:\Windows\Microsoft.NET 2012-11-17 13:30:20 ----RSD---- C:\Windows\assembly 2012-11-16 18:45:11 ----D---- C:\Windows\SysWOW64\pl-PL 2012-11-16 18:45:11 ----D---- C:\Windows\SysWOW64 2012-11-16 18:45:11 ----D---- C:\Windows\System32 2012-11-16 18:42:39 ----D---- C:\Windows\SysWOW64\migration 2012-11-16 18:42:39 ----D---- C:\Program Files (x86)\Internet Explorer 2012-11-16 18:39:08 ----RSD---- C:\Windows\Fonts 2012-11-16 10:14:40 ----D---- C:\Windows\inf 2012-11-12 00:33:54 ----A---- C:\Windows\wininit.ini 2012-11-08 15:52:39 ----D---- C:\ProgramData\AVG Secure Search 2012-11-08 15:52:33 ----D---- C:\Program Files (x86)\AVG Secure Search 2012-11-04 13:39:34 ----D---- C:\Program Files (x86)\ALLYouTubeDownloader 2012-11-04 13:10:40 ----D---- C:\Windows\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\drivers\b57xdbd.sys [] R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\drivers\b57xdmp.sys [] R3 bScsiMSa;bScsiMSa; C:\Windows\system32\drivers\bScsiMSa.sys [] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [] R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [] S3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [] S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] S3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [] S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [] S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [] S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [] S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [] S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336] S2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912] S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-23 873064] S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-17 116648] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336] S2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] S2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-02-15 257344] S2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [] S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-09-22 66872] S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] S2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] S2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112] S2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-09-03 188760] S2 WebOptimizer;WebOptimizer; C:\Windows\system32\dmwu.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-12 655624] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-17 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-28 115168] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- [/log] [log]info.txt logfile of random's system information tool 1.09 2012-11-30 02:32:20 ======Uninstall list====== -->"C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly -->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}\setup.exe -runfromtemp -l0x0409 Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{A0382E3C-7384-429A-9BFA-AF5888E5A193}\Setup.exe" /z-uninstall Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{A0382E3C-7384-429A-9BFA-AF5888E5A193}\Setup.exe" /z-uninstall Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x415 -removeonly Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x415 -removeonly Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x0015 -removeonly Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} ActiveX контрола на Windows Live Mesh за отдалечени връзки-->MsiExec.exe /I{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB} ActiveX-kontroll för fjärranslutningar för Windows Live Mesh-->MsiExec.exe /I{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5} ADDICT-THING-->C:\ProgramData\ADDICT-THING\uninstall.exe /path=C:\ProgramData\ADDICT-THING Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin Adobe Reader X (10.1.4)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} Adobe Shockwave Player 11.6-->"C:\Windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe" ALL YouTube Downloader-->"C:\Program Files (x86)\ALLYouTubeDownloader\unins000.exe" ALLMediaServer-->"C:\Program Files (x86)\ALLMediaServer\unins000.exe" ALLPlayer V5.X-->"C:\Program Files (x86)\ALLPlayer\unins000.exe" Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} AVG Security Toolbar-->C:\Program Files (x86)\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL Backup Manager V3-->C:\Program Files (x86)\InstallShield Installation Information\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}\setup.exe -runfromtemp -l0x0409 Bing Bar-->MsiExec.exe /X{1E03DB52-D5CB-4338-A338-E526DD4D4DB1} Control ActiveX de Windows Live Mesh para conexiones remotas-->MsiExec.exe /I{04668DF2-D32F-4555-9C7E-35523DCD6544} Control ActiveX del Windows Live Mesh per a connexions remotes-->MsiExec.exe /I{76C064E2-BB99-4453-8FDA-42BC01AD0734} Control ActiveX Windows Live Mesh pentru conexiuni la distanță-->MsiExec.exe /I{260E3D78-94E6-47EC-8E29-46301572BB1E} Controle ActiveX do Windows Live Mesh para Conexões Remotas-->MsiExec.exe /I{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9} Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3} Controlo ActiveX do Windows Live Mesh para Ligações Remotas-->MsiExec.exe /I{E54EEB5D-41ED-40FE-B4A8-8565DB81469B} D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe DealPly-->C:\Program Files (x86)\DealPly\uninst.exe Dolby Advanced Audio v2-->MsiExec.exe /X{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613} Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9} Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4} Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66} Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1} Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710} Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3} GameDesire-Pool & Snooker-->C:\Program Files (x86)\Ganymede\billiards_uninstall.exe Google Earth-->MsiExec.exe /X{28E82311-8616-11E1-BEB0-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall Java™ 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF} Java™ 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Kontrola Windows Live Mesh ActiveX za daljinske veze-->MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D} Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454} Last.fm 1.5.4.27091-->"C:\Program Files (x86)\Last.fm\unins000.exe" Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI LG Android Drivers-->MsiExec.exe /X{D589CCA3-6B56-4237-8ED2-512152B97699} LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019} LG PC Suite IV-->C:\Program Files (x86)\LG Electronics\LG PC Suite IV\uninstall.exe LG USB Modem Drivers-->MsiExec.exe /X{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF} Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C} Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE} Microsoft Office Starter 2010 - Polski-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0415-0000-0000000FF1CE} Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0415-0000-0000000FF1CE} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} mks_vir - online scanner-->C:\Windows\system32\SkanerOnlineUninstall.exe Moduł Szybka instalacja pakietu Microsoft Office 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall Mozilla Firefox 16.0.2 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mp3tag v2.53-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025} MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0415 -removeonly MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE} Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88} Need For Speed™ World-->"C:\Program Files (x86)\Electronic Arts\Need For Speed World\unins000.exe" newsXpresso-->"C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF} NTI Media Maker 9-->C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe -runfromtemp -l0x0409 NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} Obsługa programów Apple-->MsiExec.exe /I{F5266D28-E0B2-4130-BFC5-EE155AD514DC} Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706} Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31} PhotoScape-->"C:\Program Files (x86)\PhotoScape\uninstall.exe" PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE} Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A} Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Urruneko konexioetarako Windows Live Mesh ActiveX kontrola-->MsiExec.exe /I{7BA6DF02-B094-45D7-A3C9-BE3684253922} Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi-->MsiExec.exe /I{241E7104-937A-4366-AD57-8FDDDB003939} Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe" Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F} Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457} Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18} Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073} Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C} Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80} Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453} Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419} Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E} Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84} Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3} Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07} Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313} Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726} Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8} Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E} Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58} Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6} Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00} Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76} Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176} Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302} Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199} Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6} Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E} Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508} Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721} Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C} Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442} Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11} Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07} Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A} Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E} Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD} Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437} Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC} Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120} Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB} Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF} Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C} Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1} Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC} Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F} Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16} Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7} Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923} Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA} Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F} Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD} Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C} Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B} Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17} Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441} Windows Live Mesh ActiveX control for remote connections-->MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94} Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger-->MsiExec.exe /I{09B7C7EB-3140-4B5E-842F-9C79A7137139} Windows Live Mesh ActiveX-objekt til fjernforbindelser-->MsiExec.exe /I{57220148-3B2B-412A-A2E0-82B9DF423696} Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15} Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4} Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D} Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5} Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5} Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0} Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB} Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468} Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886} Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978} Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862} Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB} Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B} Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B} Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A} Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A} Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678} Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576} Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9} Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A} Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649} Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F} Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5} Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72} Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11} Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720} Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7} Windows Live Meshin etäyhteyksien ActiveX-komponentti-->MsiExec.exe /I{4CF6F287-5121-483C-A5A2-07BDE19D8B4E} Windows Live Messenger-->MsiExec.exe /X{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3} Windows Live Messenger-->MsiExec.exe /X{0785A0B6-07DF-43CF-B147-E1EB4CEA0345} Windows Live Messenger-->MsiExec.exe /X{0A9256E0-C924-46DE-921B-F6C4548A1C64} Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B} Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA} Windows Live Messenger-->MsiExec.exe /X{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD} Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8} Windows Live Messenger-->MsiExec.exe /X{39BDD209-5704-480C-9F4A-B69D0370DDBB} Windows Live Messenger-->MsiExec.exe /X{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA} Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D} Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2} Windows Live Messenger-->MsiExec.exe /X{5D90ABE5-8A35-4947-8269-6F40BCE47A95} Windows Live Messenger-->MsiExec.exe /X{5F6E678A-7E61-448A-86CB-BC2AD1E04138} Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660} Windows Live Messenger-->MsiExec.exe /X{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D} Windows Live Messenger-->MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB} Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2} Windows Live Messenger-->MsiExec.exe /X{6D30E864-46AE-435B-8230-8B5D42B4AE37} Windows Live Messenger-->MsiExec.exe /X{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A} Windows Live Messenger-->MsiExec.exe /X{709E38A9-7F80-4598-96CC-44B0D553FECE} Windows Live Messenger-->MsiExec.exe /X{7F6021AE-E688-4D03-843A-C2260482BA0D} Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B} Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6} Windows Live Messenger-->MsiExec.exe /X{D54A52A8-DF24-4CE8-850B-074CA47DFA74} Windows Live Messenger-->MsiExec.exe /X{E7688C7D-DE09-4D43-9785-534EDE9BC18E} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live Messenger-->MsiExec.exe /X{EE492B20-FB15-4A98-883C-3054354A11F8} Windows Live Messenger-->MsiExec.exe /X{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9} Windows Live Messenger-->MsiExec.exe /X{F694D1F7-1F12-4550-9B7A-C871273ABAD5} Windows Live Messenger-->MsiExec.exe /X{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F} Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60} Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE} Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847} Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E} Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341} Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C} Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588} Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1} Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3} Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B} Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA} Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3} Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4} Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F} Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071} Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B} Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491} Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83} Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76} Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202} Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245} Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598} Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55} Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48} Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1} Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74} Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F} Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB} Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72} Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49} Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896} Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D} Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538} Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F} Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251} Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E} Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C} Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120} Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D} Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68} Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E} Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0} Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70} Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA} Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6} Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094} Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF} Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93} Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734} Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A} Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B} Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365} Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D} Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C} Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3} Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6} Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680} Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA} Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425} Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69} Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478} Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248} Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C} Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3} Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8} Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218} Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668} Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C} Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B} Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609} Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6} Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31} Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8} Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29} Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5} Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244} Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624} Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194} Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8} Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE} Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229} Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6} Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA} Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9} Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62} Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656} Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1} Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073} Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A} Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59} Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE} Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467} Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040} Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC} Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97} Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8} Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4} Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5} Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F} Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14} Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593} Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE} Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A} Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1} Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F} Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C} Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78} Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F} Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13} Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06} Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282} Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294} Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E} Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812} Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341} Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB} Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999} Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C} Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501} Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80} Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483} Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350} Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92} Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB} Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08} Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781} Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866} WinRAR archiver-->C:\Program Files (x86)\WinRAR\uninstall.exe Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις-->MsiExec.exe /I{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F} Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1} Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F} Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137} Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851} Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09} Элемент управления Windows Live Mesh ActiveX для удаленных подключений-->MsiExec.exe /I{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773} גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136} פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים-->MsiExec.exe /I{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0} بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744} عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة-->MsiExec.exe /I{E18B30AA-6E2D-480C-B918-AF61009F4010} معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69} ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)-->MsiExec.exe /I{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE} 適用遠端連線的 Windows Live Mesh ActiveX 控制項-->MsiExec.exe /I{622DE1BE-9EDE-49D3-B349-29D64760342A} ======System event log====== Computer Name: DRAGO Event Code: 11 Message: Na potrzeby każdej aplikacji ładowane są niestandardowe biblioteki DLL. Administrator systemu powinien przejrzeć listę bibliotek, aby się upewnić, że są związane z zaufanymi aplikacjami. Record Number: 170889 Source Name: Microsoft-Windows-Wininit Time Written: 20120808133107.620838-000 Event Type: Ostrzeżenia User: ZARZĄDZANIE NT\SYSTEM Computer Name: DRAGO Event Code: 4 Message: Broadcom NetLink ™ Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected. Record Number: 170888 Source Name: k57nd60a Time Written: 20120808133057.278020-000 Event Type: Ostrzeżenia User: Computer Name: DRAGO Event Code: 26 Message: Procesor 3 w grupie 0 uwidacznia następujące elementy: Stany bezczynności: 2 Stany wydajności: 14 Stany dławienia: 8 Record Number: 170887 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20120808133054.719616-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: DRAGO Event Code: 26 Message: Procesor 2 w grupie 0 uwidacznia następujące elementy: Stany bezczynności: 2 Stany wydajności: 14 Stany dławienia: 8 Record Number: 170886 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20120808133054.719616-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: DRAGO Event Code: 26 Message: Procesor 1 w grupie 0 uwidacznia następujące elementy: Stany bezczynności: 2 Stany wydajności: 14 Stany dławienia: 8 Record Number: 170885 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20120808133054.719616-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Application event log===== Computer Name: DRAGO Event Code: 12348 Message: Ostrzeżenie usługi kopiowania woluminów w tle: Usługa VSS napotkała na odmowę dostępu do katalogu głównego woluminu \\?\Volume{48dfa5dd-dca2-11e0-95f8-ccaf782f4c46}\. Odmówienie administratorom dostępu do katalogów głównych woluminów może spowodować wiele nieoczekiwanych błędów i uniemożliwi prawidłowe działanie usługi VSS. Sprawdź zabezpieczenia woluminu, a następnie ponów operację. Operacja: Usuwanie kopii w tle z automatycznym zwalnianiem Ładowanie dostawcy Kontekst: Kontekst wykonywania: System Provider Record Number: 14662 Source Name: VSS Time Written: 20111127180000.000000-000 Event Type: Ostrzeżenia User: Computer Name: DRAGO Event Code: 4097 Message: Rozpoczęto wykonywanie kopii zapasowej. Lokalizacja kopii zapasowej: D:\. Record Number: 14661 Source Name: Windows Backup Time Written: 20111127180000.000000-000 Event Type: Informacje User: Computer Name: DRAGO Event Code: 258 Message: Defragmentator dysku pomyślnie zakończył pracę (defragmentacja): SYSTEM RESERVED Record Number: 14660 Source Name: Microsoft-Windows-Defrag Time Written: 20111127173303.000000-000 Event Type: Informacje User: Computer Name: DRAGO Event Code: 8224 Message: Usługa VSS jest zamykana z powodu przekroczenia limitu czasu bezczynności. Record Number: 14659 Source Name: VSS Time Written: 20111127133919.000000-000 Event Type: Informacje User: Computer Name: DRAGO Event Code: 8212 Message: Pomyślnie utworzono zaplanowany punkt przywracania. Record Number: 14658 Source Name: System Restore Time Written: 20111127133618.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: DRAGO Event Code: 5024 Message: Usługa Zapora systemu Windows została pomyślnie uruchomiona. Record Number: 29767 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120610191343.085643-000 Event Type: Sukcesy inspekcji User: Computer Name: DRAGO Event Code: 5033 Message: Sterownik Zapory systemu Windows został pomyślnie uruchomiony. Record Number: 29766 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120610191342.804842-000 Event Type: Sukcesy inspekcji User: Computer Name: DRAGO Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 29765 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120610191342.695642-000 Event Type: Sukcesy inspekcji User: Computer Name: DRAGO Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: DRAGO$ Domena konta: ZEUSNET Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2cc Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 29764 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120610191342.695642-000 Event Type: Sukcesy inspekcji User: Computer Name: DRAGO Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-21-115354594-1442461755-3382605649-1000 Nazwa konta: Ewcia Domena konta: DRAGO Identyfikator logowania: 0x174d2 Uprawnienia: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 29763 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120610191342.555242-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;%PROGRAMFILES%\Internet Explorer "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 "SAFEBOOT_OPTION"=NETWORK -----------------EOF----------------- [/log]
Gość komentarz 30 listopada 2012 komentarz 30 listopada 2012 Odinstaluj: AVG Security Toolbar DealPly mks_vir - online scanner 1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] Wklej [code] :services vToolbarUpdater13.2.0 :OTL IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000ccaf782f4c46 IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{38411B77-9637-44E0-82C3-A479854B07B9}: "URL" = http://start.funmood...q={searchTerms} IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-09-15 16:27:10&v=12.2.5.34&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms} IE - HKU\S-1-5-21-115354594-1442461755-3382605649-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8xgJMY9N&i=26 FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (ADDICT-THING Class) - {A11B6A6B-805A-B767-D849-B54E4374C90C} - C:\ProgramData\ADDICT-THING\bhoclass.dll () O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-115354594-1442461755-3382605649-1000..\RunOnce: [32740BEA2035F50A00003273D979F8BC] C:\ProgramData\32740BEA2035F50A00003273D979F8BC\32740BEA2035F50A00003273D979F8BC.exe () @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C46995DA @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1D6686D8 :Files C:\autorun.inf C:\autorun.dat C:\ProgramData\32740BEA2035F50A00003273D979F8BC C:\Users\Ewcia\Desktop\System Progressive Protection.lnk C:\Users\Ewcia\AppData\Roaming\Babylon :Commands [emptytemp] [/code] Kliknij [b]Wykonaj skrypt[/b] 2.Użyj adwcleaner-a http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner Opcja delete 3.Podaj nowy log z OTL
motylu15 komentarz 3 grudnia 2012 komentarz 3 grudnia 2012 (edytowane) Witam, Tez mam ten sam problem, udalo mi si ejednak namierzyc pliki tego 'syfu' i usunac je recznie o dziwo nie uruchamia sie juz na starcie inie blokuj eaplikacji. Myslicie ze to wystarczy? Pozdraiwam i z gory dzieki za odpowiedz.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.