L2MFIX find log 1.99
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
“Asynchronous”=dword:00000000
“Impersonate”=dword:00000000
“DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
“Logoff”=“ChainWlxLogoffEvent”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
“Asynchronous”=dword:00000000
“Impersonate”=dword:00000000
“DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
“Logoff”=“CryptnetWlxLogoffEvent”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
“DLLName”=“cscdll.dll”
“Logon”=“WinlogonLogonEvent”
“Logoff”=“WinlogonLogoffEvent”
“ScreenSaver”=“WinlogonScreenSaverEvent”
“Startup”=“WinlogonStartupEvent”
“Shutdown”=“WinlogonShutdownEvent”
“StartShell”=“WinlogonStartShellEvent”
“Impersonate”=dword:00000000
“Asynchronous”=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Mixer]
“Asynchronous”=dword:00000001
“Impersonate”=dword:00000001
“StartShell”=“Entry”
“DllName”=“sndmix.dll”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
“DLLName”=“wlnotify.dll”
“Logon”=“SCardStartCertProp”
“Logoff”=“SCardStopCertProp”
“Lock”=“SCardSuspendCertProp”
“Unlock”=“SCardResumeCertProp”
“Enabled”=dword:00000001
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
“Asynchronous”=dword:00000000
“DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
“Impersonate”=dword:00000000
“StartShell”=“SchedStartShell”
“Logoff”=“SchedEventLogOff”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
“Logoff”=“WLEventLogoff”
“Impersonate”=dword:00000000
“Asynchronous”=dword:00000001
“DllName”=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
“DLLName”=“WlNotify.dll”
“Lock”=“SensLockEvent”
“Logon”=“SensLogonEvent”
“Logoff”=“SensLogoffEvent”
“Safe”=dword:00000001
“MaxWait”=dword:00000258
“StartScreenSaver”=“SensStartScreenSaverEvent”
“StopScreenSaver”=“SensStopScreenSaverEvent”
“Startup”=“SensStartupEvent”
“Shutdown”=“SensShutdownEvent”
“StartShell”=“SensStartShellEvent”
“PostShell”=“SensPostShellEvent”
“Disconnect”=“SensDisconnectEvent”
“Reconnect”=“SensReconnectEvent”
“Unlock”=“SensUnlockEvent”
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad]
“Asynchronous”=dword:00000000
“DllName”=“C:\WINDOWS\system32\k2lq0c35ef.dll”
“Impersonate”=dword:00000000
“Logon”=“WinLogon”
“Logoff”=“WinLogoff”
“Shutdown”=“WinShutdown”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
“Asynchronous”=dword:00000000
“DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
“Impersonate”=dword:00000000
“Logoff”=“TSEventLogoff”
“Logon”=“TSEventLogon”
“PostShell”=“TSEventPostShell”
“Shutdown”=“TSEventShutdown”
“StartShell”=“TSEventStartShell”
“Startup”=“TSEventStartup”
“MaxWait”=dword:00000258
“Reconnect”=“TSEventReconnect”
“Disconnect”=“TSEventDisconnect”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
“DLLName”=“wlnotify.dll”
“Logon”=“RegisterTicketExpiredNotificationEvent”
“Logoff”=“UnregisterTicketExpiredNotificationEvent”
“Impersonate”=dword:00000001
“Asynchronous”=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
“Asynchronous”=dword:00000000
“DllName”=“WRLogonNTF.dll”
“Impersonate”=dword:00000001
“Lock”=“WRLock”
“StartScreenSaver”=“WRStartScreenSaver”
“StartShell”=“WRStartShell”
“Startup”=“WRStartup”
“StopScreenSaver”=“WRStopScreenSaver”
“Unlock”=“WRUnlock”
“Shutdown”=“WRShutdown”
“Logoff”=“WRLogoff”
“Logon”=“WRLogon”
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de )
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Uľytkownicy
(ID-IO) ALLOW Read BUILTIN\Uľytkownicy
(ID-NI) ALLOW Read BUILTIN\Uľytkownicy zaawansowani
(ID-IO) ALLOW Read BUILTIN\Uľytkownicy zaawansowani
(ID-NI) ALLOW Full access BUILTIN\Administratorzy
(ID-IO) ALLOW Full access BUILTIN\Administratorzy
(ID-NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(ID-IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM
(ID-IO) ALLOW Full access TWŕRCA-WťA—CICIEL
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
“{B4457BDD-6DA1-63EF-2147-40136E3F7C92}”=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
“{00022613-0000-0000-C000-000000000046}”=“Karta waciwoci pliku multimedialnego”
“{176d6597-26d3-11d1-b350-080036a75b03}”=“ZarzĄdzanie skanerem ICM”
“{1F2E5C40-9550-11CE-99D2-00AA006E086C}”=“Strona zabezpieczeä NTFS”
“{3EA48300-8CF6-101B-84FB-666CCB9BCD32}”=“Strona waciwoci OLE Docfile”
“{40dd6e20-7c17-11ce-a804-00aa003ca9f6}”=“Rozszerzenia powoki dla udost©pniania zasob˘w”
“{41E300E0-78B6-11ce-849B-444553540000}”=“PlusPack CPL Extension”
“{42071712-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL karty graficznej”
“{42071713-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL monitora wywietlania”
“{42071714-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL kadrowania wywietlania”
“{4E40F770-369C-11d0-8922-00A024AB2DBB}”=“Strona zabezpieczeä usugi DS”
“{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}”=“Strona zgodnoci”
“{56117100-C0CD-101B-81E2-00AA004AE837}”=“Program obsugi danych wycinkowych powoki”
“{59099400-57FF-11CE-BD94-0020AF85B590}”=“Rozszerzenie Disc Copy”
“{59be4990-f85c-11ce-aff7-00aa003ca9f6}”=“Rozszerzenia powoki dla obiekt˘w Microsoft Windows Network”
“{5DB2625A-54DF-11D0-B6C4-0800091AA605}”=“ZarzĄdzanie monitorem ICM”
“{675F097E-4C4D-11D0-B6C1-0800091AA605}”=“ZarzĄdzanie drukarkĄ ICM”
“{764BF0E1-F219-11ce-972D-00AA00A14F56}”=“Rozszerzenia powoki dla kompresji plik˘w”
“{77597368-7b15-11d0-a0c2-080036af3f03}”=“Rozszerzenie powoki drukarek sieci Web”
“{7988B573-EC89-11cf-9C00-00AA00A14F56}”=“Disk Quota UI”
“{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}”=“Menu kontekstowe szyfrowania”
“{85BBD920-42A0-1069-A2E4-08002B30309D}”=“Akt˘wka”
“{88895560-9AA2-1069-930E-00AA0030EBC8}”=“Rozszerzenie ikony HyperTerminalu”
“{BD84B380-8CA2-1069-AB1D-08000948F534}”=“Fonts”
“{DBCE2480-C732-101B-BE72-BA78E9AD5B27}”=“Profil ICC”
“{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}”=“Strona zabezpieczeä drukarek”
“{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}”=“Rozszerzenia powoki dla udost©pniania zasob˘w”
“{f92e8c40-3d33-11d2-b1aa-080036a75b03}”=“Display TroubleShoot CPL Extension”
“{7444C717-39BF-11D1-8CD9-00C04FC29D45}”=“Rozszerzenie Crypto PKO”
“{7444C719-39BF-11D1-8CD9-00C04FC29D45}”=“Rozszerzenie Crypto Sign”
“{7007ACC7-3202-11D1-AAD2-00805FC1270E}”=“PoĄczenia sieciowe”
“{992CFFA0-F557-101A-88EC-00DD010CCC48}”=“PoĄczenia sieciowe”
“{E211B736-43FD-11D1-9EFB-0000F8757FCD}”="&Skanery i aparaty fotograficzne"
“{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}”="&Skanery i aparaty fotograficzne"
“{905667aa-acd6-11d2-8080-00805f6596d2}”="&Skanery i aparaty fotograficzne"
“{3F953603-1008-4f6e-A73A-04AAC7A992F1}”="&Skanery i aparaty fotograficzne"
“{83bbcbf3-b28a-4919-a5aa-73027445d672}”="&Skanery i aparaty fotograficzne"
“{F0152790-D56E-4445-850E-4F3117DB740C}”=“Remote Sessions CPL Extension”
“{5F327514-6C5E-4d60-8F16-D07FA08A78ED}”=“Auto Update Property Sheet Extension”
“{60254CA5-953B-11CF-8C96-00AA00B8708C}”=“Rozszerzenia powoki dla hosta skrypt˘w systemu Windows”
“{2206CDB2-19C1-11D1-89E0-00C04FD7A829}”=“Microsoft Data Link”
“{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}”=“Tasks Folder Icon Handler”
“{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}”=“Tasks Folder Shell Extension”
“{D6277990-4C6A-11CF-8D87-00AA0060F5BF}”=“Zaplanowane zadania”
“{0DF44EAA-FF21-4412-828E-260A8728E7F1}”=“Pasek zadaä i menu Start”
“{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}”=“Wyszukaj”
“{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}”=“Pomoc i obsuga techniczna”
“{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}”=“Pomoc i obsuga techniczna”
“{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}”=“Uruchom…”
“{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}”=“Internet”
“{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}”=“E-mail”
“{D20EA4E1-3957-11d2-A40B-0C5020524152}”=“Czcionki”
“{D20EA4E1-3957-11d2-A40B-0C5020524153}”=“Narz©dzia administracyjne”
“{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}”=“Audio Media Properties Handler”
“{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}”=“Video Media Properties Handler”
“{E4B29F9D-D390-480b-92FD-7DDB47101D71}”=“Wav Properties Handler”
“{87D62D94-71B3-4b9a-9489-5FE6850DC73E}”=“Avi Properties Handler”
“{A6FD9E45-6E44-43f9-8644-08598F5A74D9}”=“Midi Properties Handler”
“{c5a40261-cd64-4ccf-84cb-c394da41d590}”=“Video Thumbnail Extractor”
“{5E6AB780-7743-11CF-A12B-00AA004AE837}”=“Pasek narz©dzi programu Microsoft Internet”
“{22BF0C20-6DA7-11D0-B373-00A0C9034938}”=“Stan pobierania”
“{91EA3F8B-C99B-11d0-9815-00C04FD91972}”=“Folder powoki zwi©kszonej”
“{6413BA2C-B461-11d1-A18A-080036B11A03}”=“Folder powoki zwi©kszonej 2”
“{F61FFEC1-754F-11d0-80CA-00AA005B4383}”=“BandProxy”
“{7BA4C742-9E81-11CF-99D3-00AA004AE837}”=“Pasek przeglĄdarki Microsoft”
“{30D02401-6A81-11d0-8274-00C04FD5AE38}”=“Pasek wyszukiwania”
“{32683183-48a0-441b-a342-7c2a440a9478}”=“Pasek multimedi˘w”
“{169A0691-8DF9-11d1-A1C4-00C04FD75D13}”=“Wyszukiwanie w okienku”
“{07798131-AF23-11d1-9111-00A0C98BA67D}”=“Wyszukiwanie w sieci Web”
“{AF4F6510-F982-11d0-8595-00AA004CD6D8}”=“Narz©dzie opcji drzewa rejestru”
“{01E04581-4EEE-11d0-BFE9-00AA005B4383}”="&Adres"
“{A08C11D2-A228-11d0-825B-00AA005B4383}”=“Pole edycji adresu”
“{00BB2763-6A77-11D0-A535-00C04FD7D062}”=“Autouzupenianie Microsoft”
“{7376D660-C583-11d0-A3A5-00C04FD706EC}”=“Wyodr©bnianie obraz˘w Trident”
“{6756A641-DE71-11d0-831B-00AA005B4383}”=“Lista autouzupeniania MRU”
“{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}”=“Niestandardowa lista autouzupeniania MRU”
“{7e653215-fa25-46bd-a339-34a2790f3cb7}”=“Dost©pny”
“{acf35015-526e-4230-9596-becbe19f0ac9}”=“Pasek podr©czny ledzenia”
“{E0E11A09-5CB8-4B6C-8332-E00720A168F2}”=“Analizator paska adresu”
“{00BB2764-6A77-11D0-A535-00C04FD7D062}”=“Lista autouzupeniania historii Microsoft”
“{03C036F1-A186-11D0-824A-00AA005B4383}”=“Lista autouzupeniania folderu powoki Microsoft”
“{00BB2765-6A77-11D0-A535-00C04FD7D062}”=“Kontener wielu list autouzupeniania Microsoft”
“{ECD4FC4E-521C-11D0-B792-00A0C90312E1}”=“Menu witryny paska powoki”
“{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}”=“Shell DeskBarApp”
“{ECD4FC4C-521C-11D0-B792-00A0C90312E1}”=“Pasek pulpitu powoki”
“{ECD4FC4D-521C-11D0-B792-00A0C90312E1}”=“Shell Rebar BandSite”
“{DD313E04-FEFF-11d1-8ECD-0000F87A470C}”=“Pomoc dla uľytkownika”
“{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}”=“Globalne ustawienia folder˘w”
“{EFA24E61-B078-11d0-89E4-00C04FC9E26E}”=“Favorites Band”
“{0A89A860-D7B1-11CE-8350-444553540000}”=“Shell Automation Inproc Service”
“{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}”=“Shell DocObject Viewer”
“{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}”=“Microsoft Browser Architecture”
“{FBF23B40-E3F0-101B-8488-00AA003E56F8}”=“InternetShortcut”
“{3C374A40-BAE4-11CF-BF7D-00AA006946EE}”=“Microsoft Url History Service”
“{FF393560-C2A7-11CF-BFF4-444553540000}”=“Historia”
“{7BD29E00-76C1-11CF-9DD0-00A0C9034933}”=“Tymczasowe pliki internetowe”
“{7BD29E01-76C1-11CF-9DD0-00A0C9034933}”=“Tymczasowe pliki internetowe”
“{CFBFAE00-17A6-11D0-99CB-00C04FD64497}”=“Microsoft Url Search Hook”
“{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}”=“Ekran powitalny pakietu IE4”
“{67EA19A0-CCEF-11d0-8024-00C04FD75D13}”=“CDF Extension Copy Hook”
“{131A6951-7F78-11D0-A979-00C04FD705A2}”=“ISFBand OC”
“{9461b922-3c5a-11d2-bf8b-00c04fb93661}”=“Search Assistant OC”
“{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}”=“Internet”
“{871C5380-42A0-1069-A2EA-08002B30309D}”=“Internet Name Space”
“{EFA24E64-B078-11d0-89E4-00C04FC9E26E}”=“Pasek eksploratora”
“{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}”=“Sendmail service”
“{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}”=“Sendmail service”
“{88C6C381-2E85-11D0-94DE-444553540000}”=“Folder pami©ci podr©cznej ActiveX”
“{E6FB5E20-DE35-11CF-9C87-00AA005127ED}”=“WebCheck”
“{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}”=“Subscription Mgr”
“{F5175861-2688-11d0-9C5E-00AA00A45957}”=“Folder subskrypcji”
“{08165EA0-E946-11CF-9C87-00AA005127ED}”=“WebCheckWebCrawler”
“{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}”=“WebCheckChannelAgent”
“{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}”=“TrayAgent”
“{7D559C10-9FE9-11d0-93F7-00AA0059CE02}”=“Code Download Agent”
“{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}”=“ConnectionAgent”
“{D8BD2030-6FC9-11D0-864F-00AA006809D9}”=“PostAgent”
“{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}”=“WebCheck SyncMgr Handler”
“{352EC2B7-8B9A-11D1-B8AE-006008059382}”=“Menedľer aplikacji powoki”
“{0B124F8F-91F0-11D1-B8B5-006008059382}”=“Wyliczanie zainstalowanych aplikacji”
“{CFCCC7A0-A282-11D1-9082-006008059382}”=“Publikator aplikacji Darwin”
“{e84fda7c-1d6a-45f6-b725-cb260c236066}”=“Shell Image Verbs”
“{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}”=“Shell Image Data Factory”
“{3F30C968-480A-4C6C-862D-EFC0897BB84B}”=“GDI+program wyodr©bniajĄcy miniatury plik˘w”
“{9DBD2C50-62AD-11d0-B806-00C04FD706EC}”=“Informacje podsumowujĄce obsugi miniatur (DOCFILES)”
“{EAB841A0-9550-11cf-8C16-00805F1408F3}”=“Wyodr©bnianie miniatur HTML”
“{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}”=“Shell Image Property Handler”
“{CC6EEFFB-43F6-46c5-9619-51D571967F7D}”=“Kreator publikacji w sieci Web”
“{add36aa8-751a-4579-a266-d66f5202ccbb}”=“Zamawianie odbitek w sieci Web”
“{6b33163c-76a5-4b6c-bf21-45de9cd503a1}”=“Obiekt powoki kreatora publikacji”
“{58f1f272-9240-4f51-b6d4-fd63d1618591}”=“Kreator uzyskiwania profilu usugi Passport”
“{7A9D77BD-5403-11d2-8785-2E0420524153}”=“Konta uľytkownik˘w”
“{BD472F60-27FA-11cf-B8B4-444553540000}”=“Compressed (zipped) Folder Right Drag Handler”
“{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}”=“Compressed (zipped) Folder SendTo Target”
“{f39a0dc0-9cc8-11d0-a599-00c04fd64433}”=“Plik kanau”
“{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}”=“Skr˘t kanau”
“{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}”=“Obiekt obsugi kanau”
“{f3da0dc0-9cc8-11d0-a599-00c04fd64437}”=“Channel Menu”
“{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}”=“Channel Properties”
“{63da6ec0-2e98-11cf-8d82-444553540000}”=“FTP Folders Webview”
“{883373C3-BF89-11D1-BE35-080036B11A03}”=“Microsoft DocProp Shell Ext”
“{A9CF0EAE-901A-4739-A481-E35B73E47F6D}”=“Microsoft DocProp Inplace Edit Box Control”
“{8EE97210-FD1F-4B19-91DA-67914005F020}”=“Microsoft DocProp Inplace ML Edit Box Control”
“{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}”=“Microsoft DocProp Inplace Droplist Combo Control”
“{6A205B57-2567-4A2C-B881-F787FAB579A3}”=“Microsoft DocProp Inplace Calendar Control”
“{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}”=“Microsoft DocProp Inplace Time Control”
“{8A23E65E-31C2-11d0-891C-00A024AB2DBB}”=“Directory Query UI”
“{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}”=“Shell properties for a DS object”
“{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}”=“Directory Object Find”
“{F020E586-5264-11d1-A532-0000F8757D7E}”=“Directory Start/Search Find”
“{0D45D530-764B-11d0-A1CA-00AA00C16E65}”=“Directory Property UI”
“{62AE1F9A-126A-11D0-A14B-0800361B1103}”=“Directory Context Menu Verbs”
“{ECF03A33-103D-11d2-854D-006008059367}”=“MyDocs Copy Hook”
“{ECF03A32-103D-11d2-854D-006008059367}”=“MyDocs Drop Target”
“{4a7ded0a-ad25-11d0-98a8-0800361b1103}”=“MyDocs Properties”
“{750fdf0e-2a26-11d1-a3ea-080036587f03}”=“Offline Files Menu”
“{10CFC467-4392-11d2-8DB4-00C04FA31A66}”=“Offline Files Folder Options”
“{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}”=“Folder plik˘w trybu offline”
“{143A62C8-C33B-11D1-84FE-00C04FA34A14}”=“Microsoft Agent Character Property Sheet Handler”
“{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}”=“DfsShell”
“{60fd46de-f830-4894-a628-6fa81bc0190d}”="%DESC_PublishDropTarget%"
“{7A80E4A8-8005-11D2-BCF8-00C04F72C717}”=“MMC Icon Handler”
“{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}”=".CAB file viewer"
“{32714800-2E5F-11d0-8B85-00AA0044F941}”="&Do os˘b…"
“{8DD448E6-C188-4aed-AF92-44956194EB1F}”=“Windows Media Player Play as Playlist Context Menu Handler”
“{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}”=“Windows Media Player Burn Audio CD Context Menu Handler”
“{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}”=“Windows Media Player Add to Playlist Context Menu Handler”
“{FFB699E0-306A-11d3-8BD1-00104B6F7516}”=“Play on my TV helper”
“{A70C977A-BF00-412C-90B7-034C51DA2439}”=“NvCpl DesktopContext Class”
“{1CDB2949-8F65-4355-8456-263E7C208A5D}”=“Desktop Explorer”
“{1E9B04FB-F9E5-4718-997B-B8DA88302A47}”=“Desktop Explorer Menu”
“{1E9B04FB-F9E5-4718-997B-B8DA88302A48}”=“nView Desktop Context Menu”
“{BDEADF00-C265-11D0-BCED-00A0C90AB50F}”=“Foldery w sieci Web”
“{0006F045-0000-0000-C000-000000000046}”=“Microsoft Outlook Custom Icon Handler”
“{42042206-2D85-11D3-8CFF-005004838597}”=“Microsoft Office HTML Icon Handler”
“{E0D79304-84BE-11CE-9641-444553540000}”=“WinZip”
“{E0D79305-84BE-11CE-9641-444553540000}”=“WinZip”
“{E0D79306-84BE-11CE-9641-444553540000}”=“WinZip”
“{E0D79307-84BE-11CE-9641-444553540000}”=“WinZip”
“{B41DB860-8EE4-11D2-9906-E49FADC173CA}”=“WinRAR shell extension”
“{5E2121EE-0300-11D4-8D3B-444553540000}”=“st”
“{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}”=""
“{BF0C0478-1E16-41B9-814E-01E3C8D554A5}”=""
“{7248F0A8-7672-4B4C-9A41-E536464530E2}”=""
“{2A529395-E585-4104-AE01-211714D53429}”=""
“{403781C4-AB5D-4B5F-B74D-6816480C34D7}”=""
“{B089FE88-FB52-11d3-BDF1-0050DA34150D}”=“NOD32 Context Menu Shell Extension”
“{2BF56C1A-E360-4B33-8E79-D78690AE8C36}”=""
“{BE9DD761-983C-47B5-B7ED-5803447C525E}”=""
“{7C9D5882-CB4A-4090-96C8-430BFE8B795B}”=“Webroot Spy Sweeper Context Menu Integration”
“{61C75727-2871-4385-BA8F-FA4F972B018B}”=""
“{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}”=""
“{C69A6402-9001-4D76-9796-F0129A2AF4CB}”=""
“{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}”=""
“{41BC840C-C23E-48B5-932B-5681ED1875F3}”=""
“{3A48623F-6725-49A7-AD5A-BE1C49DB0494}”=""
“{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}”=""
“{922E5F89-FA6A-4568-9B7D-72F03132A6BF}”=""
“{70DED1FA-002C-43D1-BA96-14034F319921}”=""
“{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}”=""
“{C6578F7F-8434-4B23-9D7A-B6A475841B17}”=""
“{8353FB55-2181-4F06-A280-46BA8C57F996}”=""
“{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}”=""
“{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}”=""
“{FF621115-2E72-42B0-8BE8-BEBD455060D2}”=""
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}]
@=""
“IDEx”=“ADDR”
[HKEY_CLASSES_ROOT\CLSID{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}\InprocServer32]
@=“C:\WINDOWS\system32\mmvfw32.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{BF0C0478-1E16-41B9-814E-01E3C8D554A5}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BF0C0478-1E16-41B9-814E-01E3C8D554A5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{BF0C0478-1E16-41B9-814E-01E3C8D554A5}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BF0C0478-1E16-41B9-814E-01E3C8D554A5}\InprocServer32]
@=“C:\WINDOWS\system32\cartmgr.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{7248F0A8-7672-4B4C-9A41-E536464530E2}]
@=""
[HKEY_CLASSES_ROOT\CLSID{7248F0A8-7672-4B4C-9A41-E536464530E2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{7248F0A8-7672-4B4C-9A41-E536464530E2}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{7248F0A8-7672-4B4C-9A41-E536464530E2}\InprocServer32]
@=“C:\WINDOWS\system32\nbwrsko.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{2A529395-E585-4104-AE01-211714D53429}]
@=""
[HKEY_CLASSES_ROOT\CLSID{2A529395-E585-4104-AE01-211714D53429}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{2A529395-E585-4104-AE01-211714D53429}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{2A529395-E585-4104-AE01-211714D53429}\InprocServer32]
@=“C:\WINDOWS\system32\mgdtcuiu.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{403781C4-AB5D-4B5F-B74D-6816480C34D7}]
@=""
[HKEY_CLASSES_ROOT\CLSID{403781C4-AB5D-4B5F-B74D-6816480C34D7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{403781C4-AB5D-4B5F-B74D-6816480C34D7}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{403781C4-AB5D-4B5F-B74D-6816480C34D7}\InprocServer32]
@=“C:\WINDOWS\system32\rIsmontr.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{2BF56C1A-E360-4B33-8E79-D78690AE8C36}]
@=""
[HKEY_CLASSES_ROOT\CLSID{2BF56C1A-E360-4B33-8E79-D78690AE8C36}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{2BF56C1A-E360-4B33-8E79-D78690AE8C36}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{2BF56C1A-E360-4B33-8E79-D78690AE8C36}\InprocServer32]
@=“C:\WINDOWS\system32\wppshell.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{BE9DD761-983C-47B5-B7ED-5803447C525E}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BE9DD761-983C-47B5-B7ED-5803447C525E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{BE9DD761-983C-47B5-B7ED-5803447C525E}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BE9DD761-983C-47B5-B7ED-5803447C525E}\InprocServer32]
@=“C:\WINDOWS\system32\pcotowiz.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{61C75727-2871-4385-BA8F-FA4F972B018B}]
@=""
[HKEY_CLASSES_ROOT\CLSID{61C75727-2871-4385-BA8F-FA4F972B018B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{61C75727-2871-4385-BA8F-FA4F972B018B}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{61C75727-2871-4385-BA8F-FA4F972B018B}\InprocServer32]
@=“C:\WINDOWS\system32\vvrsion.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}]
@=""
[HKEY_CLASSES_ROOT\CLSID{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}\InprocServer32]
@=“C:\WINDOWS\system32\kpdpl1.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{C69A6402-9001-4D76-9796-F0129A2AF4CB}]
@=""
[HKEY_CLASSES_ROOT\CLSID{C69A6402-9001-4D76-9796-F0129A2AF4CB}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{C69A6402-9001-4D76-9796-F0129A2AF4CB}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{C69A6402-9001-4D76-9796-F0129A2AF4CB}\InprocServer32]
@=“C:\WINDOWS\system32\ebpsrv.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}]
@=""
[HKEY_CLASSES_ROOT\CLSID{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}\InprocServer32]
@=“C:\WINDOWS\system32\etentlog.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{41BC840C-C23E-48B5-932B-5681ED1875F3}]
@=""
[HKEY_CLASSES_ROOT\CLSID{41BC840C-C23E-48B5-932B-5681ED1875F3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{41BC840C-C23E-48B5-932B-5681ED1875F3}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{41BC840C-C23E-48B5-932B-5681ED1875F3}\InprocServer32]
@=“C:\WINDOWS\system32\tfpmon.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{3A48623F-6725-49A7-AD5A-BE1C49DB0494}]
@=""
[HKEY_CLASSES_ROOT\CLSID{3A48623F-6725-49A7-AD5A-BE1C49DB0494}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{3A48623F-6725-49A7-AD5A-BE1C49DB0494}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{3A48623F-6725-49A7-AD5A-BE1C49DB0494}\InprocServer32]
@=“C:\WINDOWS\system32\ngwrsde.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}\InprocServer32]
@=“C:\WINDOWS\system32\jjsh400.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{922E5F89-FA6A-4568-9B7D-72F03132A6BF}]
@=""
[HKEY_CLASSES_ROOT\CLSID{922E5F89-FA6A-4568-9B7D-72F03132A6BF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{922E5F89-FA6A-4568-9B7D-72F03132A6BF}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{922E5F89-FA6A-4568-9B7D-72F03132A6BF}\InprocServer32]
@=“C:\WINDOWS\system32\icpeers.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{70DED1FA-002C-43D1-BA96-14034F319921}]
@=""
[HKEY_CLASSES_ROOT\CLSID{70DED1FA-002C-43D1-BA96-14034F319921}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{70DED1FA-002C-43D1-BA96-14034F319921}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{70DED1FA-002C-43D1-BA96-14034F319921}\InprocServer32]
@=“C:\WINDOWS\system32\mkvcrt.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}]
@=""
[HKEY_CLASSES_ROOT\CLSID{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}\InprocServer32]
@=“C:\WINDOWS\system32\spsvc.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{C6578F7F-8434-4B23-9D7A-B6A475841B17}]
@=""
[HKEY_CLASSES_ROOT\CLSID{C6578F7F-8434-4B23-9D7A-B6A475841B17}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{C6578F7F-8434-4B23-9D7A-B6A475841B17}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{C6578F7F-8434-4B23-9D7A-B6A475841B17}\InprocServer32]
@=“C:\WINDOWS\system32\axsnds.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{8353FB55-2181-4F06-A280-46BA8C57F996}]
@=""
[HKEY_CLASSES_ROOT\CLSID{8353FB55-2181-4F06-A280-46BA8C57F996}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{8353FB55-2181-4F06-A280-46BA8C57F996}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{8353FB55-2181-4F06-A280-46BA8C57F996}\InprocServer32]
@=“C:\WINDOWS\system32\wdvcore.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}]
@=""
[HKEY_CLASSES_ROOT\CLSID{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}\InprocServer32]
@=“C:\WINDOWS\system32\dvocx.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}]
@=""
[HKEY_CLASSES_ROOT\CLSID{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}\InprocServer32]
@=“C:\WINDOWS\system32\teddd.dll”
“ThreadingModel”=“Apartment”
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID{FF621115-2E72-42B0-8BE8-BEBD455060D2}]
@=""
[HKEY_CLASSES_ROOT\CLSID{FF621115-2E72-42B0-8BE8-BEBD455060D2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID{FF621115-2E72-42B0-8BE8-BEBD455060D2}\Implemented Categories{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID{FF621115-2E72-42B0-8BE8-BEBD455060D2}\InprocServer32]
@=“C:\WINDOWS\system32\ccrtmgr.dll”
“ThreadingModel”=“Apartment”
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ailui.dll Tue 2005-11-29 15:58:16 …S.R 236 110 230,57 K
atmtd.dll Sun 2005-11-27 15:08:26 A… 687 592 671,48 K
axsnds.dll Tue 2005-11-29 16:05:34 …S.R 236 110 230,57 K
ayptif.dll Tue 2005-11-29 15:45:34 …S.R 235 346 229,83 K
ccrtmgr.dll Thu 2005-12-01 16:47:46 …S.R 234 594 229,09 K
dnlu01~1.dll Tue 2005-11-29 15:58:16 …S.R 237 041 231,48 K
dvocx.dll Wed 2005-11-30 17:50:18 …S.R 236 066 230,53 K
ebpsrv.dll Sun 2005-11-27 21:07:52 …S.R 234 159 228,67 K
en0ql1~1.dll Tue 2005-11-29 14:16:26 …S.R 236 847 231,29 K
en4ml1~1.dll Tue 2005-11-29 16:03:04 …S.R 237 251 231,69 K
en4ol1~1.dll Sun 2005-11-27 16:49:58 …S.R 233 918 228,43 K
en68l1~1.dll Wed 2005-11-30 18:20:46 …S.R 235 923 230,39 K
etentlog.dll Mon 2005-11-28 13:01:38 …S.R 233 566 228,09 K
hrls05~1.dll Tue 2005-11-29 13:07:02 …S.R 236 266 230,73 K
icpeers.dll Tue 2005-11-29 16:00:00 …S.R 236 110 230,57 K
imon.dll Sun 2005-11-27 16:28:56 A… 270 336 264,00 K
ir84l5~1.dll Mon 2005-11-28 19:36:10 …S.R 234 153 228,66 K
j8l4li~1.dll Tue 2005-11-29 14:16:30 …S.R 236 141 230,61 K
jjsh400.dll Tue 2005-11-29 15:47:36 …S.R 235 346 229,83 K
jt0u07~1.dll Tue 2005-11-29 16:01:00 …S.R 236 608 231,06 K
jt4q07~1.dll Tue 2005-11-29 16:46:14 …S.R 236 330 230,79 K
jtn607~1.dll Tue 2005-11-29 13:09:06 …S.R 234 255 228,76 K
jtp007~1.dll Tue 2005-11-29 15:59:58 …S.R 236 187 230,65 K
k2lq0c~1.dll Wed 2005-11-30 19:13:16 …S.R 234 594 229,09 K
k644lg~1.dll Wed 2005-11-30 19:15:16 …S.R 234 062 228,57 K
kbrnel32.dll Tue 2005-11-29 16:00:56 …S.R 236 110 230,57 K
kjdur.dll Tue 2005-11-29 16:46:14 …S.R 235 783 230,25 K
kpdpl1.dll Sun 2005-11-27 21:02:36 …S.R 233 566 228,09 K
kt4ql7~1.dll Sun 2005-11-27 16:08:26 …S.R 235 379 229,86 K
l06o0a~1.dll Tue 2005-11-29 16:23:06 …S.R 234 456 228,96 K
l88mli~1.dll Tue 2005-11-29 16:00:56 …S.R 237 298 231,73 K
lvru09~1.dll Sat 2005-11-26 20:59:48 …S.R 237 296 231,73 K
m0460a~1.dll Sun 2005-11-27 20:59:14 …S.R 237 197 231,64 K
m0820a~1.dll Sat 2005-11-26 20:53:02 …S.R 236 672 231,13 K
mgdtcuiu.dll Sat 2005-11-26 21:04:52 …S.R 235 674 230,15 K
mkpbde40.dll Tue 2005-11-29 13:06:58 …S.R 235 346 229,83 K
mkvcrt.dll Tue 2005-11-29 16:02:08 …S.R 236 110 230,57 K
mlxml3.dll Tue 2005-11-29 14:16:26 …S.R 235 346 229,83 K
mnxml3.dll Tue 2005-11-29 20:07:56 …S.R 235 783 230,25 K
n26qlc~1.dll Sat 2005-11-26 21:07:30 …S.R 236 218 230,68 K
n6r2lg~1.dll Sat 2005-11-26 21:04:56 …S.R 235 952 230,42 K
nbwrsko.dll Sat 2005-11-26 20:59:44 …S.R 235 674 230,15 K
ncwrsptb.dll Tue 2005-11-29 13:08:00 …S.R 235 346 229,83 K
ngwrsde.dll Wed 2005-11-30 18:20:46 …S.R 234 062 228,57 K
ojbc32gt.dll Tue 2005-11-29 16:03:04 …S.R 236 110 230,57 K
p2p60c~1.dll Tue 2005-11-29 13:08:04 …S.R 235 360 229,84 K
pcotowiz.dll Sun 2005-11-27 16:49:58 …S.R 237 197 231,64 K
q4rqle~1.dll Sat 2005-11-26 20:43:52 …S.R 234 645 229,14 K
r28s0c~1.dll Tue 2005-11-29 16:03:08 …S.R 236 530 230,98 K
rfvpperf.dll Tue 2005-11-29 16:23:06 …S.R 234 096 228,61 K
rismontr.dll Sun 2005-11-27 15:05:48 …S.R 236 575 231,03 K
rqgapi.dll Sun 2005-11-27 14:45:22 …S.R 235 674 230,15 K
sndmix.dll Sat 2005-11-26 20:40:52 A… 57 344 56,00 K
spsvc.dll Tue 2005-11-29 16:04:18 …S.R 236 110 230,57 K
stpblb.dll Tue 2005-11-29 13:09:02 …S.R 235 346 229,83 K
teddd.dll Wed 2005-11-30 19:13:16 …S.R 234 062 228,57 K
tfappcmp.dll Sat 2005-11-26 21:07:26 …S.R 235 674 230,15 K
tfpmon.dll Mon 2005-11-28 19:36:06 …S.R 236 174 230,64 K
vvrsion.dll Sun 2005-11-27 17:16:14 …S.R 237 197 231,64 K
wchpl.dll Sun 2005-11-27 21:00:18 …S.R 233 566 228,09 K
wdvcore.dll Tue 2005-11-29 16:24:34 …S.R 234 096 228,61 K
wmng.dll Tue 2005-11-29 13:10:04 …S.R 235 346 229,83 K
wppshell.dll Sun 2005-11-27 16:08:24 …S.R 233 849 228,37 K
wrlogo~1.dll Wed 2005-11-16 14:38:16 A… 492 544 481,00 K
wrlzma.dll Wed 2005-11-16 14:38:12 A… 17 920 17,50 K
zlbw.dll Sat 2005-11-26 20:40:30 A… 46 592 45,50 K
66 items found: 66 files (60 H/S), 0 directories.
Total of file sizes: 15 706 186 bytes 14,98 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Wolumin w stacji C to ZYCH
Numer seryjny woluminu: 448A-19BE
Katalog: C:\WINDOWS\System32
2005-12-01 16:47 234˙594 ccrtmgr.dll
2005-11-30 19:15 234˙062 k644lghq164e.dll
2005-11-30 19:13 234˙062 teddd.dll
2005-11-30 19:13 234˙594 k2lq0c35ef.dll
2005-11-30 18:20 234˙062 ngwrsde.dll
2005-11-30 18:20 235˙923 en68l1ju1.dll
2005-11-30 17:50 236˙066 dvocx.dll
2005-11-29 20:07 235˙783 mnxml3.dll
2005-11-29 16:46 235˙783 kjdur.dll
2005-11-29 16:46 236˙330 jt4q07h5e.dll
2005-11-29 16:24 234˙096 wdvcore.dll
2005-11-29 16:23 234˙096 rfvpperf.dll
2005-11-29 16:23 234˙456 l06o0aj3edo.dll
2005-11-29 16:05 236˙110 axsnds.dll
2005-11-29 16:04 236˙110 spsvc.dll
2005-11-29 16:03 236˙530 r28s0cl7efq.dll
2005-11-29 16:03 236˙110 ojbc32gt.dll
2005-11-29 16:03 237˙251 en4ml1h11.dll
2005-11-29 16:02 236˙110 mkvcrt.dll
2005-11-29 16:00 236˙608 jt0u07d9e.dll
2005-11-29 16:00 236˙110 kbrnel32.dll
2005-11-29 16:00 237˙298 l88mlil118q.dll
2005-11-29 15:59 236˙110 icpeers.dll
2005-11-29 15:59 236˙187 jtp0077me.dll
2005-11-29 15:58 236˙110 ailui.dll
2005-11-29 15:58 237˙041 dnlu0139e.dll
2005-11-29 15:47 235˙346 jjsh400.dll
2005-11-29 15:45 235˙346 ayptif.dll
2005-11-29 14:16 236˙141 j8l4li3q18.dll
2005-11-29 14:16 235˙346 mlxml3.dll
2005-11-29 14:16 236˙847 en0ql1d51.dll
2005-11-29 13:10 235˙346 WMNG.DLL
2005-11-29 13:09 234˙255 jtn6075se.dll
2005-11-29 13:09 235˙346 stpblb.dll
2005-11-29 13:08 235˙360 p2p60c7sef.dll
2005-11-29 13:07 235˙346 ncwrsptb.dll
2005-11-29 13:07 236˙266 hrls0537e.dll
2005-11-29 13:06 235˙346 mkpbde40.dll
2005-11-28 19:36 234˙153 ir84l5lq1.dll
2005-11-28 19:36 236˙174 tfpmon.dll
2005-11-28 13:01 233˙566 etentlog.dll
2005-11-27 21:07 234˙159 ebpsrv.dll
2005-11-27 21:02 233˙566 kpdpl1.dll
2005-11-27 21:00 233˙566 wchpl.dll
2005-11-27 20:59 237˙197 m0460ahsed460.dll
2005-11-27 17:16 237˙197 vvrsion.dll
2005-11-27 16:49 237˙197 pcotowiz.dll
2005-11-27 16:49 233˙918 en4ol1h31.dll
2005-11-27 16:08 235˙379 kt4ql7h51.dll
2005-11-27 16:08 233˙849 wppshell.dll
2005-11-27 15:05 236˙575 rIsmontr.dll
2005-11-27 14:45 235˙674 rqgapi.dll
2005-11-26 21:07 236˙218 n26qlcj51fo.dll
2005-11-26 21:07 235˙674 tfappcmp.dll
2005-11-26 21:04 235˙952 n6r2lg9o16.dll
2005-11-26 21:04 235˙674 mgdtcuiu.dll
2005-11-26 20:59 237˙296 lvru0999e.dll
2005-11-26 20:59 235˙674 nbwrsko.dll
2005-11-26 20:53 236˙672 m0820aloedqc0.dll
2005-11-26 20:43 234˙645 q4rqle951h.dll
2005-06-28 13:49
60 plik(˘w) 14˙133˙858 bajt˘w
1 katalog(˘w) 10˙674˙327˙552 bajt˘w wolnych
Złączono Posta : 01.12.2005 (Czw) 17:46
L2MFIX find log 1.99 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] “Asynchronous”=dword:00000000 “Impersonate”=dword:00000000 “DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 “Logoff”=“ChainWlxLogoffEvent” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] “Asynchronous”=dword:00000000 “Impersonate”=dword:00000000 “DllName”=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 “Logoff”=“CryptnetWlxLogoffEvent” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] “DLLName”=“cscdll.dll” “Logon”=“WinlogonLogonEvent” “Logoff”=“WinlogonLogoffEvent” “ScreenSaver”=“WinlogonScreenSaverEvent” “Startup”=“WinlogonStartupEvent” “Shutdown”=“WinlogonShutdownEvent” “StartShell”=“WinlogonStartShellEvent” “Impersonate”=dword:00000000 “Asynchronous”=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Mixer] “Asynchronous”=dword:00000001 “Impersonate”=dword:00000001 “StartShell”=“Entry” “DllName”=“sndmix.dll” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] “DLLName”=“wlnotify.dll” “Logon”=“SCardStartCertProp” “Logoff”=“SCardStopCertProp” “Lock”=“SCardSuspendCertProp” “Unlock”=“SCardResumeCertProp” “Enabled”=dword:00000001 “Impersonate”=dword:00000001 “Asynchronous”=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] “Asynchronous”=dword:00000000 “DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 “Impersonate”=dword:00000000 “StartShell”=“SchedStartShell” “Logoff”=“SchedEventLogOff” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] “Logoff”=“WLEventLogoff” “Impersonate”=dword:00000000 “Asynchronous”=dword:00000001 “DllName”=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] “DLLName”=“WlNotify.dll” “Lock”=“SensLockEvent” “Logon”=“SensLogonEvent” “Logoff”=“SensLogoffEvent” “Safe”=dword:00000001 “MaxWait”=dword:00000258 “StartScreenSaver”=“SensStartScreenSaverEvent” “StopScreenSaver”=“SensStopScreenSaverEvent” “Startup”=“SensStartupEvent” “Shutdown”=“SensShutdownEvent” “StartShell”=“SensStartShellEvent” “PostShell”=“SensPostShellEvent” “Disconnect”=“SensDisconnectEvent” “Reconnect”=“SensReconnectEvent” “Unlock”=“SensUnlockEvent” “Impersonate”=dword:00000001 “Asynchronous”=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] “Asynchronous”=dword:00000000 “DllName”=“C:\WINDOWS\system32\k2lq0c35ef.dll” “Impersonate”=dword:00000000 “Logon”=“WinLogon” “Logoff”=“WinLogoff” “Shutdown”=“WinShutdown” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] “Asynchronous”=dword:00000000 “DllName”=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 “Impersonate”=dword:00000000 “Logoff”=“TSEventLogoff” “Logon”=“TSEventLogon” “PostShell”=“TSEventPostShell” “Shutdown”=“TSEventShutdown” “StartShell”=“TSEventStartShell” “Startup”=“TSEventStartup” “MaxWait”=dword:00000258 “Reconnect”=“TSEventReconnect” “Disconnect”=“TSEventDisconnect” [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] “DLLName”=“wlnotify.dll” “Logon”=“RegisterTicketExpiredNotificationEvent” “Logoff”=“UnregisterTicketExpiredNotificationEvent” “Impersonate”=dword:00000001 “Asynchronous”=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier] “Asynchronous”=dword:00000000 “DllName”=“WRLogonNTF.dll” “Impersonate”=dword:00000001 “Lock”=“WRLock” “StartScreenSaver”=“WRStartScreenSaver” “StartShell”=“WRStartShell” “Startup”=“WRStartup” “StopScreenSaver”=“WRStopScreenSaver” “Unlock”=“WRUnlock” “Shutdown”=“WRShutdown” “Logoff”=“WRLogoff” “Logon”=“WRLogon” RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de ) This program is Freeware, use it on your own risk! Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify: (NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (ID-NI) ALLOW Read BUILTIN\Uľytkownicy (ID-IO) ALLOW Read BUILTIN\Uľytkownicy (ID-NI) ALLOW Read BUILTIN\Uľytkownicy zaawansowani (ID-IO) ALLOW Read BUILTIN\Uľytkownicy zaawansowani (ID-NI) ALLOW Full access BUILTIN\Administratorzy (ID-IO) ALLOW Full access BUILTIN\Administratorzy (ID-NI) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (ID-IO) ALLOW Full access ZARZ¤DZANIE NT\SYSTEM (ID-IO) ALLOW Full access TWŕRCA-WťA—CICIEL ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] “{B4457BDD-6DA1-63EF-2147-40136E3F7C92}”="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] “{00022613-0000-0000-C000-000000000046}”=“Karta waciwoci pliku multimedialnego” “{176d6597-26d3-11d1-b350-080036a75b03}”=“ZarzĄdzanie skanerem ICM” “{1F2E5C40-9550-11CE-99D2-00AA006E086C}”=“Strona zabezpieczeä NTFS” “{3EA48300-8CF6-101B-84FB-666CCB9BCD32}”=“Strona waciwoci OLE Docfile” “{40dd6e20-7c17-11ce-a804-00aa003ca9f6}”=“Rozszerzenia powoki dla udost©pniania zasob˘w” “{41E300E0-78B6-11ce-849B-444553540000}”=“PlusPack CPL Extension” “{42071712-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL karty graficznej” “{42071713-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL monitora wywietlania” “{42071714-76d4-11d1-8b24-00a0c9068ff3}”=“Rozszerzenie CPL kadrowania wywietlania” “{4E40F770-369C-11d0-8922-00A024AB2DBB}”=“Strona zabezpieczeä usugi DS” “{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}”=“Strona zgodnoci” “{56117100-C0CD-101B-81E2-00AA004AE837}”=“Program obsugi danych wycinkowych powoki” “{59099400-57FF-11CE-BD94-0020AF85B590}”=“Rozszerzenie Disc Copy” “{59be4990-f85c-11ce-aff7-00aa003ca9f6}”=“Rozszerzenia powoki dla obiekt˘w Microsoft Windows Network” “{5DB2625A-54DF-11D0-B6C4-0800091AA605}”=“ZarzĄdzanie monitorem ICM” “{675F097E-4C4D-11D0-B6C1-0800091AA605}”=“ZarzĄdzanie drukarkĄ ICM” “{764BF0E1-F219-11ce-972D-00AA00A14F56}”=“Rozszerzenia powoki dla kompresji plik˘w” “{77597368-7b15-11d0-a0c2-080036af3f03}”=“Rozszerzenie powoki drukarek sieci Web” “{7988B573-EC89-11cf-9C00-00AA00A14F56}”=“Disk Quota UI” “{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}”=“Menu kontekstowe szyfrowania” “{85BBD920-42A0-1069-A2E4-08002B30309D}”=“Akt˘wka” “{88895560-9AA2-1069-930E-00AA0030EBC8}”=“Rozszerzenie ikony HyperTerminalu” “{BD84B380-8CA2-1069-AB1D-08000948F534}”=“Fonts” “{DBCE2480-C732-101B-BE72-BA78E9AD5B27}”=“Profil ICC” “{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}”=“Strona zabezpieczeä drukarek” “{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}”=“Rozszerzenia powoki dla udost©pniania zasob˘w” “{f92e8c40-3d33-11d2-b1aa-080036a75b03}”=“Display TroubleShoot CPL Extension” “{7444C717-39BF-11D1-8CD9-00C04FC29D45}”=“Rozszerzenie Crypto PKO” “{7444C719-39BF-11D1-8CD9-00C04FC29D45}”=“Rozszerzenie Crypto Sign” “{7007ACC7-3202-11D1-AAD2-00805FC1270E}”=“PoĄczenia sieciowe” “{992CFFA0-F557-101A-88EC-00DD010CCC48}”=“PoĄczenia sieciowe” “{E211B736-43FD-11D1-9EFB-0000F8757FCD}”="&Skanery i aparaty fotograficzne" “{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}”="&Skanery i aparaty fotograficzne" “{905667aa-acd6-11d2-8080-00805f6596d2}”="&Skanery i aparaty fotograficzne" “{3F953603-1008-4f6e-A73A-04AAC7A992F1}”="&Skanery i aparaty fotograficzne" “{83bbcbf3-b28a-4919-a5aa-73027445d672}”="&Skanery i aparaty fotograficzne" “{F0152790-D56E-4445-850E-4F3117DB740C}”=“Remote Sessions CPL Extension” “{5F327514-6C5E-4d60-8F16-D07FA08A78ED}”=“Auto Update Property Sheet Extension” “{60254CA5-953B-11CF-8C96-00AA00B8708C}”=“Rozszerzenia powoki dla hosta skrypt˘w systemu Windows” “{2206CDB2-19C1-11D1-89E0-00C04FD7A829}”=“Microsoft Data Link” “{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}”=“Tasks Folder Icon Handler” “{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}”=“Tasks Folder Shell Extension” “{D6277990-4C6A-11CF-8D87-00AA0060F5BF}”=“Zaplanowane zadania” “{0DF44EAA-FF21-4412-828E-260A8728E7F1}”=“Pasek zadaä i menu Start” “{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}”=“Wyszukaj” “{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}”=“Pomoc i obsuga techniczna” “{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}”=“Pomoc i obsuga techniczna” “{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}”=“Uruchom…” “{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}”=“Internet” “{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}”=“E-mail” “{D20EA4E1-3957-11d2-A40B-0C5020524152}”=“Czcionki” “{D20EA4E1-3957-11d2-A40B-0C5020524153}”=“Narz©dzia administracyjne” “{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}”=“Audio Media Properties Handler” “{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}”=“Video Media Properties Handler” “{E4B29F9D-D390-480b-92FD-7DDB47101D71}”=“Wav Properties Handler” “{87D62D94-71B3-4b9a-9489-5FE6850DC73E}”=“Avi Properties Handler” “{A6FD9E45-6E44-43f9-8644-08598F5A74D9}”=“Midi Properties Handler” “{c5a40261-cd64-4ccf-84cb-c394da41d590}”=“Video Thumbnail Extractor” “{5E6AB780-7743-11CF-A12B-00AA004AE837}”=“Pasek narz©dzi programu Microsoft Internet” “{22BF0C20-6DA7-11D0-B373-00A0C9034938}”=“Stan pobierania” “{91EA3F8B-C99B-11d0-9815-00C04FD91972}”=“Folder powoki zwi©kszonej” “{6413BA2C-B461-11d1-A18A-080036B11A03}”=“Folder powoki zwi©kszonej 2” “{F61FFEC1-754F-11d0-80CA-00AA005B4383}”=“BandProxy” “{7BA4C742-9E81-11CF-99D3-00AA004AE837}”=“Pasek przeglĄdarki Microsoft” “{30D02401-6A81-11d0-8274-00C04FD5AE38}”=“Pasek wyszukiwania” “{32683183-48a0-441b-a342-7c2a440a9478}”=“Pasek multimedi˘w” “{169A0691-8DF9-11d1-A1C4-00C04FD75D13}”=“Wyszukiwanie w okienku” “{07798131-AF23-11d1-9111-00A0C98BA67D}”=“Wyszukiwanie w sieci Web” “{AF4F6510-F982-11d0-8595-00AA004CD6D8}”=“Narz©dzie opcji drzewa rejestru” “{01E04581-4EEE-11d0-BFE9-00AA005B4383}”="&Adres" “{A08C11D2-A228-11d0-825B-00AA005B4383}”=“Pole edycji adresu” “{00BB2763-6A77-11D0-A535-00C04FD7D062}”=“Autouzupenianie Microsoft” “{7376D660-C583-11d0-A3A5-00C04FD706EC}”=“Wyodr©bnianie obraz˘w Trident” “{6756A641-DE71-11d0-831B-00AA005B4383}”=“Lista autouzupeniania MRU” “{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}”=“Niestandardowa lista autouzupeniania MRU” “{7e653215-fa25-46bd-a339-34a2790f3cb7}”=“Dost©pny” “{acf35015-526e-4230-9596-becbe19f0ac9}”=“Pasek podr©czny ledzenia” “{E0E11A09-5CB8-4B6C-8332-E00720A168F2}”=“Analizator paska adresu” “{00BB2764-6A77-11D0-A535-00C04FD7D062}”=“Lista autouzupeniania historii Microsoft” “{03C036F1-A186-11D0-824A-00AA005B4383}”=“Lista autouzupeniania folderu powoki Microsoft” “{00BB2765-6A77-11D0-A535-00C04FD7D062}”=“Kontener wielu list autouzupeniania Microsoft” “{ECD4FC4E-521C-11D0-B792-00A0C90312E1}”=“Menu witryny paska powoki” “{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}”=“Shell DeskBarApp” “{ECD4FC4C-521C-11D0-B792-00A0C90312E1}”=“Pasek pulpitu powoki” “{ECD4FC4D-521C-11D0-B792-00A0C90312E1}”=“Shell Rebar BandSite” “{DD313E04-FEFF-11d1-8ECD-0000F87A470C}”=“Pomoc dla uľytkownika” “{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}”=“Globalne ustawienia folder˘w” “{EFA24E61-B078-11d0-89E4-00C04FC9E26E}”=“Favorites Band” “{0A89A860-D7B1-11CE-8350-444553540000}”=“Shell Automation Inproc Service” “{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}”=“Shell DocObject Viewer” “{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}”=“Microsoft Browser Architecture” “{FBF23B40-E3F0-101B-8488-00AA003E56F8}”=“InternetShortcut” “{3C374A40-BAE4-11CF-BF7D-00AA006946EE}”=“Microsoft Url History Service” “{FF393560-C2A7-11CF-BFF4-444553540000}”=“Historia” “{7BD29E00-76C1-11CF-9DD0-00A0C9034933}”=“Tymczasowe pliki internetowe” “{7BD29E01-76C1-11CF-9DD0-00A0C9034933}”=“Tymczasowe pliki internetowe” “{CFBFAE00-17A6-11D0-99CB-00C04FD64497}”=“Microsoft Url Search Hook” “{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}”=“Ekran powitalny pakietu IE4” “{67EA19A0-CCEF-11d0-8024-00C04FD75D13}”=“CDF Extension Copy Hook” “{131A6951-7F78-11D0-A979-00C04FD705A2}”=“ISFBand OC” “{9461b922-3c5a-11d2-bf8b-00c04fb93661}”=“Search Assistant OC” “{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}”=“Internet” “{871C5380-42A0-1069-A2EA-08002B30309D}”=“Internet Name Space” “{EFA24E64-B078-11d0-89E4-00C04FC9E26E}”=“Pasek eksploratora” “{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}”=“Sendmail service” “{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}”=“Sendmail service” “{88C6C381-2E85-11D0-94DE-444553540000}”=“Folder pami©ci podr©cznej ActiveX” “{E6FB5E20-DE35-11CF-9C87-00AA005127ED}”=“WebCheck” “{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}”=“Subscription Mgr” “{F5175861-2688-11d0-9C5E-00AA00A45957}”=“Folder subskrypcji” “{08165EA0-E946-11CF-9C87-00AA005127ED}”=“WebCheckWebCrawler” “{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}”=“WebCheckChannelAgent” “{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}”=“TrayAgent” “{7D559C10-9FE9-11d0-93F7-00AA0059CE02}”=“Code Download Agent” “{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}”=“ConnectionAgent” “{D8BD2030-6FC9-11D0-864F-00AA006809D9}”=“PostAgent” “{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}”=“WebCheck SyncMgr Handler” “{352EC2B7-8B9A-11D1-B8AE-006008059382}”=“Menedľer aplikacji powoki” “{0B124F8F-91F0-11D1-B8B5-006008059382}”=“Wyliczanie zainstalowanych aplikacji” “{CFCCC7A0-A282-11D1-9082-006008059382}”=“Publikator aplikacji Darwin” “{e84fda7c-1d6a-45f6-b725-cb260c236066}”=“Shell Image Verbs” “{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}”=“Shell Image Data Factory” “{3F30C968-480A-4C6C-862D-EFC0897BB84B}”=“GDI+program wyodr©bniajĄcy miniatury plik˘w” “{9DBD2C50-62AD-11d0-B806-00C04FD706EC}”=“Informacje podsumowujĄce obsugi miniatur (DOCFILES)” “{EAB841A0-9550-11cf-8C16-00805F1408F3}”=“Wyodr©bnianie miniatur HTML” “{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}”=“Shell Image Property Handler” “{CC6EEFFB-43F6-46c5-9619-51D571967F7D}”=“Kreator publikacji w sieci Web” “{add36aa8-751a-4579-a266-d66f5202ccbb}”=“Zamawianie odbitek w sieci Web” “{6b33163c-76a5-4b6c-bf21-45de9cd503a1}”=“Obiekt powoki kreatora publikacji” “{58f1f272-9240-4f51-b6d4-fd63d1618591}”=“Kreator uzyskiwania profilu usugi Passport” “{7A9D77BD-5403-11d2-8785-2E0420524153}”=“Konta uľytkownik˘w” “{BD472F60-27FA-11cf-B8B4-444553540000}”=“Compressed (zipped) Folder Right Drag Handler” “{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}”=“Compressed (zipped) Folder SendTo Target” “{f39a0dc0-9cc8-11d0-a599-00c04fd64433}”=“Plik kanau” “{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}”=“Skr˘t kanau” “{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}”=“Obiekt obsugi kanau” “{f3da0dc0-9cc8-11d0-a599-00c04fd64437}”=“Channel Menu” “{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}”=“Channel Properties” “{63da6ec0-2e98-11cf-8d82-444553540000}”=“FTP Folders Webview” “{883373C3-BF89-11D1-BE35-080036B11A03}”=“Microsoft DocProp Shell Ext” “{A9CF0EAE-901A-4739-A481-E35B73E47F6D}”=“Microsoft DocProp Inplace Edit Box Control” “{8EE97210-FD1F-4B19-91DA-67914005F020}”=“Microsoft DocProp Inplace ML Edit Box Control” “{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}”=“Microsoft DocProp Inplace Droplist Combo Control” “{6A205B57-2567-4A2C-B881-F787FAB579A3}”=“Microsoft DocProp Inplace Calendar Control” “{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}”=“Microsoft DocProp Inplace Time Control” “{8A23E65E-31C2-11d0-891C-00A024AB2DBB}”=“Directory Query UI” “{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}”=“Shell properties for a DS object” “{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}”=“Directory Object Find” “{F020E586-5264-11d1-A532-0000F8757D7E}”=“Directory Start/Search Find” “{0D45D530-764B-11d0-A1CA-00AA00C16E65}”=“Directory Property UI” “{62AE1F9A-126A-11D0-A14B-0800361B1103}”=“Directory Context Menu Verbs” “{ECF03A33-103D-11d2-854D-006008059367}”=“MyDocs Copy Hook” “{ECF03A32-103D-11d2-854D-006008059367}”=“MyDocs Drop Target” “{4a7ded0a-ad25-11d0-98a8-0800361b1103}”=“MyDocs Properties” “{750fdf0e-2a26-11d1-a3ea-080036587f03}”=“Offline Files Menu” “{10CFC467-4392-11d2-8DB4-00C04FA31A66}”=“Offline Files Folder Options” “{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}”=“Folder plik˘w trybu offline” “{143A62C8-C33B-11D1-84FE-00C04FA34A14}”=“Microsoft Agent Character Property Sheet Handler” “{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}”=“DfsShell” “{60fd46de-f830-4894-a628-6fa81bc0190d}”="%DESC_PublishDropTarget%" “{7A80E4A8-8005-11D2-BCF8-00C04F72C717}”=“MMC Icon Handler” “{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}”=".CAB file viewer" “{32714800-2E5F-11d0-8B85-00AA0044F941}”="&Do os˘b…" “{8DD448E6-C188-4aed-AF92-44956194EB1F}”=“Windows Media Player Play as Playlist Context Menu Handler” “{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}”=“Windows Media Player Burn Audio CD Context Menu Handler” “{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}”=“Windows Media Player Add to Playlist Context Menu Handler” “{FFB699E0-306A-11d3-8BD1-00104B6F7516}”=“Play on my TV helper” “{A70C977A-BF00-412C-90B7-034C51DA2439}”=“NvCpl DesktopContext Class” “{1CDB2949-8F65-4355-8456-263E7C208A5D}”=“Desktop Explorer” “{1E9B04FB-F9E5-4718-997B-B8DA88302A47}”=“Desktop Explorer Menu” “{1E9B04FB-F9E5-4718-997B-B8DA88302A48}”=“nView Desktop Context Menu” “{BDEADF00-C265-11D0-BCED-00A0C90AB50F}”=“Foldery w sieci Web” “{0006F045-0000-0000-C000-000000000046}”=“Microsoft Outlook Custom Icon Handler” “{42042206-2D85-11D3-8CFF-005004838597}”=“Microsoft Office HTML Icon Handler” “{E0D79304-84BE-11CE-9641-444553540000}”=“WinZip” “{E0D79305-84BE-11CE-9641-444553540000}”=“WinZip” “{E0D79306-84BE-11CE-9641-444553540000}”=“WinZip” “{E0D79307-84BE-11CE-9641-444553540000}”=“WinZip” “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”=“WinRAR shell extension” “{5E2121EE-0300-11D4-8D3B-444553540000}”=“st” “{4B2F2ACA-9664-45F8-AFC8-BB07BFE37A5D}”="" “{BF0C0478-1E16-41B9-814E-01E3C8D554A5}”="" “{7248F0A8-7672-4B4C-9A41-E536464530E2}”="" “{2A529395-E585-4104-AE01-211714D53429}”="" “{403781C4-AB5D-4B5F-B74D-6816480C34D7}”="" “{B089FE88-FB52-11d3-BDF1-0050DA34150D}”=“NOD32 Context Menu Shell Extension” “{2BF56C1A-E360-4B33-8E79-D78690AE8C36}”="" “{BE9DD761-983C-47B5-B7ED-5803447C525E}”="" “{7C9D5882-CB4A-4090-96C8-430BFE8B795B}”=“Webroot Spy Sweeper Context Menu Integration” “{61C75727-2871-4385-BA8F-FA4F972B018B}”="" “{39C40D5C-E370-49A8-9B6B-3CCB35EFEFF4}”="" “{C69A6402-9001-4D76-9796-F0129A2AF4CB}”="" “{764EC8A3-062F-4A1F-A173-4C77CA43A2F4}”="" “{41BC840C-C23E-48B5-932B-5681ED1875F3}”="" “{3A48623F-6725-49A7-AD5A-BE1C49DB0494}”="" “{BDEF4A71-8952-4F8F-9199-DB00FA4A0DC7}”="" “{922E5F89-FA6A-4568-9B7D-72F03132A6BF}”="" “{70DED1FA-002C-43D1-BA96-14034F319921}”="" “{F4AB7A9E-5BA0-4102-A3A3-104F539F1249}”="" “{C6578F7F-8434-4B23-9D7A-B6A475841B17}”="" “{8353FB55-2181-4F06-A280-46BA8C57F996}”="" “{B5D0C74A-AA1D-47D0-A971-158F6CF3A0DB}”="" “{F33EDCD8-15CE-4ECA-A957-AEC8C590430D}”="" “{FF621115-2E72-42B0-8BE8-BEBD455060D2}”=""
Złączono Posta : 01.12.2005 (Czw) 17:51
Mam nadzieje ze jest cos interesujacego w tym logu ob chyba nie jest caly byl za dlugi zeby go wkleic
Złączono Posta : 01.12.2005 (Czw) 19:56
Logfile of HijackThis v1.99.1 Scan saved at 19:32:28, on 2005-12-01 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\mmc.exe D:\HijackThis.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [nod32kui] “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE O4 - HKLM…\Run: [spySweeper] “C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe” /startintray O4 - HKLM…\Run: [AVGCtrl] “C:\Program Files\AVPersonal\AVGNT.EXE” /min O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\j2p0lc7m1f.dll O20 - Winlogon Notify: Mixer - C:\WINDOWS\SYSTEM32\sndmix.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe