x-kom hosting

Wysokie zużycie procesora - svchost.exe, zacinający dźwięk.

sebas135
utworzono
utworzono

Cześć. Od kilku dni mam problem z moim laptopem AsusK50ij. Po uruchomieniu komputera zużycie procesora osiąga 100% i trzyma się tak około 3 minuty. Odpowiedzialny za to jest głownie svchost.exe (852 i 1124). Po drugie zacina mi muzyka w trakcie odtwarzania ale nie wiem czy to przez ten procesor czy to już inna kwestia. Proszę o pomoc i wskazówki. Czy da radę coś z tym zrobić czy pozostaje tylko format? Piszcie proszę jakie dane potrzebujecie jeszcze bo słabo się na tym znam:)

wirusolog
komentarz
komentarz

Nie mogę otworzyć załączników bo wyskakuje mi:
[quote]
[b][#10171] Nie masz uprawnień do pobrania tego załącznika[/b]
[/quote]
Proszę o wysłanie logów i screena na jakiś hosting, logi np. na wklej.org / screena na imageshack.us

sebas135
komentarz
komentarz (edytowane)

[log]
OTL logfile created on: 2011-06-27 21:27:59 - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\asus\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,44% Memory free
5,93 Gb Paging File | 4,95 Gb Available in Paging File | 83,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 73,27 Gb Free Space | 75,03% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 73,58 Gb Free Space | 75,35% Space Free | Partition Type: NTFS
Drive E: | 102,78 Gb Total Space | 95,68 Gb Free Space | 93,10% Space Free | Partition Type: NTFS

Computer Name: ASUSX | User Name: asus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-06-25 14:57:47 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\asus\Downloads\OTL.exe
PRC - [2011-06-16 06:51:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-08-12 14:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009-03-23 08:52:14 | 017,149,952 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE
PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-06-25 14:57:47 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\asus\Downloads\OTL.exe
MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (WMPNetworkSvc)
SRV - [2010-06-26 16:26:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-03-25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-10-05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-08-23 05:06:38 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:53:40 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009-03-20 08:21:38 | 000,984,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-08-11 04:14:12 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-02-01 17:24:04 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2007-07-31 02:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-04-07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M]

[2011-06-24 21:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\asus\AppData\Roaming\mozilla\Extensions
[2011-06-24 21:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011-06-16 06:51:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011-06-24 02:31:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HControl] C:\Windows\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.7.228
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-06-27 20:55:30 | 000,000,000 | R--D | C] -- C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2011-06-27 20:36:11 | 000,038,480 | ---- | C] (CANON INC.) -- C:\Windows\System32\IJRMF.exe
[2011-06-27 19:47:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-06-27 17:44:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2011-06-27 10:40:50 | 000,000,000 | ---D | C] -- C:\Users\asus\DoctorWeb
[2011-06-26 19:45:19 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011-06-26 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\RealDrawPRO4
[2011-06-26 00:59:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-06-25 21:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2011-06-24 23:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011-06-24 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\Malwarebytes
[2011-06-24 22:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-06-24 22:08:21 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-06-24 22:08:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011-06-24 22:07:53 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011-06-24 22:07:53 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011-06-24 22:07:53 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011-06-24 22:07:53 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011-06-24 22:07:41 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011-06-24 22:07:41 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-06-24 22:07:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011-06-24 22:07:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011-06-24 22:07:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011-06-24 22:07:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-06-24 22:07:40 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011-06-24 22:07:39 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-06-24 22:07:39 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011-06-24 22:07:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-06-24 22:07:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011-06-24 22:07:31 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011-06-24 22:07:31 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011-06-24 22:07:30 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011-06-24 22:07:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011-06-24 22:07:27 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011-06-24 22:07:27 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011-06-24 22:07:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011-06-24 22:07:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011-06-24 22:07:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011-06-24 22:07:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011-06-24 22:07:18 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011-06-24 22:07:11 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011-06-24 22:07:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011-06-24 22:06:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-06-24 22:06:59 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011-06-24 22:06:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011-06-24 22:06:51 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2011-06-24 22:06:51 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011-06-24 22:06:47 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011-06-24 22:06:45 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011-06-24 22:06:43 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011-06-24 22:06:30 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011-06-24 22:06:26 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011-06-24 22:04:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011-06-24 22:04:23 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011-06-24 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\foobar2000
[2011-06-24 20:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2011-06-24 02:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-06-24 02:31:35 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011-06-24 01:01:44 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-06-21 14:12:23 | 000,000,000 | ---D | C] -- C:\Users\asus\Desktop\ogłoszenie
[2011-06-21 13:51:07 | 000,000,000 | ---D | C] -- D:\xzcz\Praca
[2011-06-06 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\Scansoft
[2011-06-06 11:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011-06-06 11:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHORTCUT_FOLDERNAME
[2011-06-06 11:54:29 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\ScanSoft
[2011-06-06 11:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0
[2011-06-06 11:54:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2011-06-06 11:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft
[2011-06-06 11:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2011-06-06 11:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011-06-06 11:51:46 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2011-06-06 11:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP160
[2011-06-06 11:51:13 | 000,197,632 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM83.DLL
[2011-06-06 11:51:08 | 000,106,496 | ---- | C] (Canon Inc.) -- C:\Windows\System32\cnco160.dll
[2011-06-06 11:51:07 | 001,298,432 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCC160.DLL
[2011-06-06 11:51:07 | 000,135,168 | ---- | C] (Canon Inc.) -- C:\Windows\System32\CNCL160.DLL
[2011-06-06 11:51:07 | 000,057,344 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCI160.DLL
[2011-06-06 11:50:46 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011-06-06 11:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011-06-06 11:49:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011-06-02 20:19:10 | 000,000,000 | ---D | C] -- D:\xzcz\Nowy folder
[2010-04-21 17:32:38 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-06-27 21:30:23 | 000,047,031 | ---- | M] () -- C:\Users\asus\Desktop\Bez tytułu.png
[2011-06-27 21:24:12 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-06-27 21:24:12 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-27 21:16:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011-06-27 21:16:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-06-27 21:16:12 | 2388,459,520 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-27 20:49:18 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempvd2372.html
[2011-06-27 20:35:10 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job
[2011-06-27 20:02:35 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempxP2664.html
[2011-06-27 20:02:35 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempQG2664.html
[2011-06-27 19:47:26 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempel2228.html
[2011-06-27 19:47:26 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempiY2228.html
[2011-06-27 19:41:01 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempkET264.html
[2011-06-27 19:41:01 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempnpF264.html
[2011-06-27 19:19:20 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TemptV2076.html
[2011-06-27 19:19:20 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TemptZ2076.html
[2011-06-27 18:49:30 | 000,007,613 | ---- | M] () -- C:\Users\asus\AppData\Local\Resmon.ResmonCfg
[2011-06-27 18:31:35 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempVf2180.html
[2011-06-27 17:59:36 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempts2316.html
[2011-06-27 17:55:45 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempof2440.html
[2011-06-27 17:55:45 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempuc2440.html
[2011-06-27 10:56:39 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempFT2120.html
[2011-06-27 06:58:41 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempkM2336.html
[2011-06-27 06:58:41 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempPf2336.html
[2011-06-26 15:54:17 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2011-06-26 15:02:00 | 000,828,416 | ---- | M] () -- C:\Users\asus\Desktop\pfp1.jpg
[2011-06-26 14:34:24 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempSiA280.html
[2011-06-26 12:32:01 | 006,066,142 | ---- | M] () -- C:\Users\asus\Desktop\Zalacznik11.jpg
[2011-06-26 01:27:37 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempZD2284.html
[2011-06-25 14:48:47 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperResumePrompt_asus.job
[2011-06-24 23:10:41 | 000,414,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-06-24 21:29:43 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-06-24 20:36:31 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011-06-24 02:31:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011-06-13 00:54:00 | 000,014,135 | ---- | M] () -- D:\xzcz\solecki - Rechnung A4 -16.pdf
[2011-06-06 11:54:36 | 000,000,416 | ---- | M] () -- C:\Windows\MAXLINK.INI
[2011-06-05 22:00:54 | 005,986,000 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-06-05 22:00:54 | 002,474,984 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-06-05 22:00:54 | 001,979,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-06-05 22:00:54 | 001,888,854 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-27 20:35:10 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job
[2011-06-27 20:22:04 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempvd2372.html
[2011-06-27 20:00:46 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempxP2664.html
[2011-06-27 20:00:46 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempQG2664.html
[2011-06-27 19:44:44 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempel2228.html
[2011-06-27 19:44:44 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempiY2228.html
[2011-06-27 19:39:23 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempkET264.html
[2011-06-27 19:39:23 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempnpF264.html
[2011-06-27 19:18:51 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TemptV2076.html
[2011-06-27 19:18:51 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TemptZ2076.html
[2011-06-27 18:22:56 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempVf2180.html
[2011-06-27 17:59:28 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempts2316.html
[2011-06-27 17:48:40 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempof2440.html
[2011-06-27 17:48:40 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempuc2440.html
[2011-06-27 10:07:26 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempFT2120.html
[2011-06-27 06:48:57 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempkM2336.html
[2011-06-27 06:48:57 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempPf2336.html
[2011-06-26 23:41:54 | 000,031,915 | ---- | C] () -- C:\Users\asus\Desktop\Bez tytułu.png
[2011-06-26 15:54:17 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2011-06-26 15:02:00 | 000,828,416 | ---- | C] () -- C:\Users\asus\Desktop\pfp1.jpg
[2011-06-26 12:31:44 | 006,066,142 | ---- | C] () -- C:\Users\asus\Desktop\Zalacznik11.jpg
[2011-06-26 12:01:42 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempSiA280.html
[2011-06-26 01:04:43 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempZD2284.html
[2011-06-25 14:48:47 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperResumePrompt_asus.job
[2011-06-24 22:09:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2011-06-24 21:29:43 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011-06-24 21:29:43 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-06-24 20:36:31 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2011-06-24 20:36:31 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011-06-24 18:52:51 | 000,007,613 | ---- | C] () -- C:\Users\asus\AppData\Local\Resmon.ResmonCfg
[2011-06-13 00:54:00 | 000,014,135 | ---- | C] () -- D:\xzcz\solecki - Rechnung A4 -16.pdf
[2011-06-06 11:54:36 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2011-02-21 13:11:59 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011-01-17 20:15:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-08 23:46:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll
[2010-08-08 23:46:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll
[2010-06-30 14:31:37 | 000,004,608 | ---- | C] () -- C:\Users\asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-30 14:31:18 | 000,221,184 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010-06-30 14:31:18 | 000,059,392 | ---- | C] () -- C:\Windows\System32\espr3260.dll
[2010-06-30 14:31:17 | 000,987,136 | ---- | C] () -- C:\Windows\System32\liboggvorbis-1.0.0.dll
[2010-06-30 14:31:17 | 000,552,960 | ---- | C] () -- C:\Windows\System32\liboggvorbis-0.3.1.dll
[2010-06-30 14:31:17 | 000,126,976 | ---- | C] () -- C:\Windows\System32\MPEGWriter.dll
[2010-06-30 14:31:17 | 000,069,120 | ---- | C] () -- C:\Windows\System32\libmpv-enc-1.2.5.dll
[2010-06-30 14:31:17 | 000,058,880 | ---- | C] () -- C:\Windows\System32\libmpg-mux-2.0.2.dll
[2010-06-30 14:31:17 | 000,056,320 | ---- | C] () -- C:\Windows\System32\libmpv-enc-1.2.4.dll
[2010-06-30 14:31:17 | 000,050,176 | ---- | C] () -- C:\Windows\System32\libmpg-mux-2.0.1.dll
[2010-06-30 14:31:17 | 000,020,480 | ---- | C] () -- C:\Windows\System32\libavi-dd-1.1.1.dll
[2010-06-30 14:31:17 | 000,020,480 | ---- | C] () -- C:\Windows\System32\libavi-dd-1.1.0.dll
[2010-06-30 14:31:16 | 001,036,800 | ---- | C] () -- C:\Windows\System32\libmpeg-1.0.0.dll
[2010-06-30 14:31:16 | 000,696,832 | ---- | C] () -- C:\Windows\System32\libmcl-2.8.0.dll
[2010-06-30 14:31:16 | 000,696,320 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.2.dll
[2010-06-30 14:31:16 | 000,675,840 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.1.dll
[2010-06-30 14:31:16 | 000,225,792 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.7.dll
[2010-06-30 14:31:16 | 000,209,920 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.4.dll
[2010-06-30 14:31:16 | 000,208,896 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.3.dll
[2010-06-30 14:31:16 | 000,128,512 | ---- | C] () -- C:\Windows\System32\libmpa-enc-1.0.3.dll
[2010-06-30 14:31:16 | 000,116,224 | ---- | C] () -- C:\Windows\System32\libmpa-enc-1.0.2.dll
[2010-06-30 14:31:16 | 000,069,120 | ---- | C] () -- C:\Windows\System32\libmpeg2-enc-1.2.5.dll
[2010-06-30 14:31:15 | 000,669,184 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.0.dll
[2010-06-30 14:31:15 | 000,666,112 | ---- | C] () -- C:\Windows\System32\libmcl-2.6.1.dll
[2010-06-30 14:31:15 | 000,427,008 | ---- | C] () -- C:\Windows\System32\libimg-2.2.9.dll
[2010-06-30 14:31:15 | 000,400,384 | ---- | C] () -- C:\Windows\System32\libimg-2.2.8.dll
[2010-06-26 10:11:04 | 000,002,045 | -H-- | C] () -- C:\Windows\System32\whlprd32a.dll
[2010-06-23 23:33:18 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-06-23 15:05:58 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-06-23 11:40:17 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010-06-23 11:20:55 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010-06-23 11:20:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-06-23 11:20:54 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-06-23 11:20:54 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-06-23 11:20:53 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-06-23 10:49:02 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010-06-23 10:45:04 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010-06-23 10:45:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010-04-21 18:08:14 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010-04-21 18:08:14 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010-04-21 18:08:14 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010-04-21 17:29:46 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010-04-21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010-04-21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009-07-14 10:07:57 | 005,986,000 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-07-14 10:07:57 | 001,979,930 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 000,414,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 002,474,984 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 001,888,854 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-07-14 00:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >[/log]

[log]GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-28 21:15:37
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545032B9A300 rev.PB3OC60N
Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\uxldrpoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 83653569 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83678092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE peauth.sys 99E4402C 102 Bytes JMP E35FAF7B
C:\Program Files\CyberLink\PowerDVD8\000.fcl entry point in "" section [0x99F01000]
.clc C:\Program Files\CyberLink\PowerDVD8\000.fcl unknown last section [0x99F02000, 0x1000, 0x00000000]
? C:\Windows\system32\Drivers\PROCEXP141.SYS Nie można odnaleźć określonego pliku. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] kernel32.dll!SetUnhandledExceptionFilter 772B3162 5 Bytes JMP 6B285B49 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] ole32.dll!OleLoadFromStream 76745BF6 5 Bytes JMP 6B5A0DB5 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1924] ntdll.dll!LdrLoadDll 7739F5B5 5 Bytes JMP 010E1410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1924] USER32.dll!SetWindowLongA 76E5B1E3 5 Bytes JMP 6456D9D0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1924] USER32.dll!SetWindowLongW 76E66614 5 Bytes JMP 6456D970 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73FF2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73FD5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73FD56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73FF250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73FE8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73FE4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73FE50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73FE51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73FE66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73FE82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73FE8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73FE907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73FEE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73FE4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000018d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind ????????{40EDA462-96F5-4643-8164-421DE11F0356}??????????????? ???????|???????????u?:????????????&????????????????????????????????c???????????????????_??????????????????*6to4mp?????????????? ????????????????????????????????????????????s4FF??Karta Microsoft 6to4 #156?????????????????????????*??????????????????????????????????s??? ????????????????????????????????????????c?????????????????????????????????\Device\{40EDA462-96F5-4643-8164-421DE11F0356}??????????????????????????????????????? ?????????????????????1????????z?????????????4??????????????????????????????????e???????????2??12???????????????e????????????????????????????????????????N?????????????????? ?????????????????????1?????????????????????????????????????????????????B???????e??????????????????????????????nettun.inf?A-F???????????}??DA?????? 3??????? ???????U?????????????,??N?????$???<???????????????????????????????????? ?????????????????????1????????????????????nettun.inf??12???????????4??14??6to4mp.ndi??15??????TA??nettun.inf:Microsoft.NTx86:6to4mp.n
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route ?????????????????????????0??0-????????N??????e????Dlne??Microsoft????????????D??A6??? ??????????????????????????????????????????????????levice\NetBT_Tcpip_{973CC8DF-BEA2-4D8F-B016-DDAC4B7CC70F}] SEQPACKET 53?????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{361D78FA-2DD8-487F-B53E-875188F2BFED}] SEQPACKET 204???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-F??? ???????}???????????t????????"??????????????????????????3?????eEA???????s??? ??????????????&????l??????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{949CD133-0598-409B-9A14-5DC932C7620C}] DATAGRAM 236????? ???????}???????????t????????"??????????????????????????????j??disk.inf????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{654D692C-4373-4B59-A108-397049395E14}] SEQPACKET 237???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{654D692C-4373-4B59-A108-397049395E
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export ?????????????????????????????????????????????z???????????B??\Device\NdisWan_{E2F8A220-AF88-446C-9A55-453E58DD3A33}?\Device\NdisWan_{DB2B4279-B5CF-4626-9DBA-32D0ECE44C87}?\Device\NdisWan_{C0DE3E38-8BA7-479F-8B75-833F294C5AA8}?\Device\NdisWan_{483C9FF8-503D-414B-B402-E4C1F1F568CB}?\Device\NdisWan_{E28D896F-9EA8-433A-9C10-66C97C19A921}?\Device\NdisWan_{636FF46E-80FE-4314-BC84-DC7749EDE5B4}??wan??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|???v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|???????????????????????{?????eDB???????????0??????????????????????????????????????????????????????????????????????????????Root\*6TO4MP\0241???*6to4mp
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ????????????????????????AC??@nettun.inf,%msft%;Microsoft?C???????????????????????????*??????????Net???????????????????????????????????????N??????\????Dt#*??\??\C:\pagefile.sys???????N????????????D??????2?????????????????*6to4mp?????? b?????? ??????????Karta Microsoft 6to4 #28?\????2??????1??????}"??? ???l???5?????s}???? ???g???}???????~???????????N?????scp????N??????A?????D89????2??????C??????80??????????????E-???????.???????i???????????????????????????F?????sF}??tunnel??????????????????t????????????????h??{4d36e972-e325-11ce-bfc1-08002be10318}\0044???????4???????????????????X??????e???t??*6to4mp???????????????????????????????????????????N????????????D????? l??????-?????E66??{4d36e972-e325-11ce-bfc1-08002be10318}??5????????d???????e??????????????????????????T ???????2??{4d36e972-e325-11ce-bfc1-08002be10318}\0031?????{4d36e972-e325-11ce-bfc1-08002be10318}\0039??&??Karta Microsoft 6to4 #56????Karta Microsoft 6to4 #82?4????????????????????????????:??????1?gE9??Net?????????????????????????Karta Microsoft 6to4 #3
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ??????????????????????2?????????????16??*6to4mp?sy???????????2??15??Typ?????disk.inf?????????e???????e????X??????l???t??????????disk?3??????e???e???Microsoft???????????????????????????????????????????????? l??????8?????23-??Net??????????????????????m????????c?????????????????int?????????????? ???????s?????s???????;??L??????????????3???????????????????????????????y???"???e??????????????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=policyagent|Name=@FirewallAPI.dll,-30003|Desc=@FirewallAPI.dll,-30006|EmbedCtxt=@FirewallAPI.dll,-30002|????Z???????????????????????????????????????????????????????????&???????????????????????????????????????s???????????????????t????????????N??????????????????????i???????o??? ???????@????????????????????$?N?y??????????????????????????s???????????????????????????????s????N??????e????Dlne????:??????T?g?????????????????????????????????????-?????eC1?????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ???????????n?&?n?&??int??????????????s?????????????a????system32\DRIVERS\ACPI.sys????????????9????????????2????????????e???????????????????????n?????????????????????????????????????????????????????????????????????????9???????????????????????????????????6????????????????X?????????????*6to4mp??????,?,?m?m?m?m?,?n?n?n?n?n?n???????n???V??00??????????ASUSX???????????????????????????Net?#?????????????????????m??????????????????????????????|???????u???t???????????????????v?v?v??? ???????n???????????n?,?????? ???????????????????????????????m???????????????????????????????N??????e????Dlne????????????????????m??n???????n????????????????????????????????????????????????????????????:??????6?gF-??????????????????????t????????????????????????k??????p?????????????????????????2?????????????????tunnel?441??????00???d????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adp94xx.sys?y???????n??????p???SCSI Miniport?????R??n???????????d??adp94xx.inf_x86_neutral_4928c8870f6a1577?????n?n?n?n?n?n???
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ?????????????????????i??????*6to4mp??????k?k?k?k?k?k?k?l?k?l?l??@volsnap.inf,%msft%;Microsoft????????u??????????????????tunnel??????????????? ????????????????????????????????????????????s9C8??? ?? ???????????????? ???????????????????????????????????????f??? ?????????????????????1??L????????? ???????tB?????????????????f????? ?????????????????????1????????????&????????????????????t??? ?????????????????????1????????????????????? ???????????????????u?1????????z?????????????????????????????z?????? ??????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?4??? ?????????????????????1????????????&????????????????????8??? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????8??AB???????|???A??7}??????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????3??95???????????7??9}??6.1.7600.16385??mu??? ?????????????????????1????????????????????????????????????????? ?????????????????????1????????*?????????????????????????????*
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ?????9??LegacyDriver????????????????????? l??????3?????-FC??tunnel??????{4d36e972-e325-11ce-bfc1-08002be10318}\0038?? ???2???????????????????*?@?&?@?&?@?&?@?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&???&???&???&???&???&???&???&?A????????????????????????????????????????????????????????????????????????????????? ???A??????????t????????A???????????????????@??????????????? ??????????????????? ??????????????n???6.1.7600.16385????????.?????????????????storage\volumesnapshot???????A?A????????????????? @?????????????????Rodzajowa kopia w tle wolumin?w????????????????????????d?????????A???????????????????????????A?A?A?A?A?A?A?A?A?A?A?A?A??????????? ???????A????????2???????????.??????????????s???????????????????e??????????????????????????? ??????????????????? ??????????????D?????????????????n?mm??????????????????? ???????d??????eC??????????????????? ????????????????????????????????????????????????????????????????????????????l????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ? ?????????p?????p????"??p??????p?????4??p??????????????????????????t???????????????????????Net??????????????????????r?r????? ???????o?????p?????p??????????Z?/???????????????????????????????????????????????T??p????????h?????\SystemRoot\system32\DRIVERS\BrFiltLo.sys?????Z??p?????????e????Brother USB Mass-Storage Lower Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????p???????????p??????????,??? ?????????????,??p???????????s??/GR=OFF /TO=10 /OW=30???? ???????o???????????p??????????Z?0?????????????????????t?????????????????????????????????????????T??p????????h????????p???p??????Z??p?????????e???????p?????p??????????????\SystemRoot\system32\DRIVERS\BrFiltUp.sys???Brother USB Mass-Storage Upper Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????o?????p?? ?????????????Z?1??????r??%SystemRoot%\System32\svchost.exe -k netsvcs????@%systemroot%\s
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ?????t???????????1???????????????????n???????????????????2??12??????????? ??????????tunnel??????????????????6.1.7600.16385?B01???????????}???????s??????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1??????*?0??? ???????????????????????????????d ??????~????s??????????Po??czenie lokalne* 126???????????????????????????.Po??czenie lokalne* 126??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????2Karta Microsoft 6to4 #119?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ????????????el??????????????B????????????????????????????????????????????????????|????N??????e????Dlne????????????,Po??czenie lokalne* 67???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????0Karta Microsoft 6to4 #60??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ????????????????????????????????{00000000-0000-0000-0000-000000000000}??????????????????????????????????????STORAGE\VolumeSnapshot??? ?????????D??????X??????e???????????????????????????????????????e??0???????C7??????????????????? ???????0??????? ????X?????????????11??????????????????????????????????Net?????????????????????*6to4mp????????????????????????????s?p????2?????????????????????????????????tunnel???????????l???B???????????k??{00000000-0000-0000-0000-000000000000}??????{533c5b84-ec70-11d2-9505-00c04f79deaf}\0005?????????????????????????????????? 0??????????????????????????????????????????????l???????????????????????????l?l?l?????k?l????????????????????????????????????X??????e???????????????????????????????????t????X??????????e???????????????B????X??????????????`?d?d?d?h?g?????????????? ??l???e???e??? ??????????????p???????l????X??????????????????????f?g?h?h?h?h????????????Net?????Net???????????????????????????????.?????????????6-21-2006?????????????????????????????????????????????????????,Po??czenie l
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ????????????4?????????????????????????????????m?????????????Microsoft???????????? ???????????????????{????????"??????????????????????????????e??????????? ???????????????????|????????"?????????????????int?????????????Microsoft???tunnel????????????????????????m?????6to4mp.ndi??13??????????*6to4mp?6?????????????????????m?? ???????????????e????????????????????????????????????????m???????????????????????????????????????????????????????????????0?????????????????????????????AP????????????????????m??????????????????h??????????????????????????????????????? ??????????????????6-21-2006???? ?????????????????????1????????????????????6to4mp.ndi?9EA???????????R???????????????????t??????????????????????????????????? ???????????????????????????????????????????????????y??????? ???????????????n??????????????????????????????M????1???????2????$?????????????????ROOT\*6TO4MP\0071??????????????????d?????????????????????????????'"?????? ??????????????????????????????>??????i????? ??????????????????? ?????????????????????1???????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????ce??? 4?????????????s.??????ev??{4d36e972-e325-11ce-bfc1-08002be10318}\0281?? ???????????5???????????????????????????????????????????????????e????????ml?r??????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????6.1.7600.16385??????????????????????????????? ?????????????????????1????????????????????????????? ??????????? ?????????????????????1????????????????????????????????????nettun.inf??????? ????????????????????????*???????????dms_??? ???????p??????n6???????????????????????????????*??????\0??? ???????U?????????????,??N?????$???<?????????????????????????????????????????????????????*?????????????????TCPIP6TUNNEL?Tcpip6??2??\Device\{FD38421D-67DB-4E97-801C-CC9489F5609F}??????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EAE74DAE-5334-4D3B-B1DB-20EC91FE3AC7}] DATAGRAM 193?????????????T??????????6.1.7600.16385??????????os??t???? ??????????????????? ????????????????????????"?????l???????????27??tunnel???n??? ??????? ?????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????????????????????????????????????????????????????????????e??? ???????|???????????l?:????????????&????????????????????-??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{0343E755-E2F9-4AD2-A123-40EAFBFF1A9A}] SEQPACKET 150????????????z???????z???????????v???t??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F98FAF83-180E-4968-AC6E-A2873C542AF6}] SEQPACKET 144???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F98FAF83-180E-4968-AC6E-A2873C542AF6}] DATAGRAM 144????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8156C9CA-275C-4141-95F0-982DE44B1803}] SEQPACKET 145???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8156C9CA-275C-4141-95F0-982DE44B1803}] DATAGRAM 145??????N??????o?????DAT??????????????????????CF??int??????????????????????????????????????????????????????y?????????es ??Po??czenie lokalne* 157?????????????????? ????????????????????????????"?????????????????????????????????????????????????? ????????????????????????????"?????????????6-??????????????????????? ????????????????????????????"?????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ????Mi??? ???????????????????z????????"?????????????????????????????????s???? ???????????????????z????????"??????????????l??tunnel????????????????R??????????????????????????????????????????????????t???????????l??????? ??????????????????????????????????????????? ?????????????????????1??L????????? ???????68??????????????????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????z?????????????z?????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp????????????? ?????????????????????1????????????&????????????????????}??????????????????tunnel???????????????????????????????9??????20??????????????????????????? ????????????????????????"?????l?N?????????? ????????????????????????"?????l?M?????DA??*6to4mp?????? ????????????????????????????????????????????sF84??? ??M???????????x???25??? ??????????????????????????????????????????????????? ??L???????????x???? ???????????????????????????????????????f??? ?????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ????????????????????????Karta Microsoft 6to4?????????????A?????e7F??????????? ???????????????????????????B????????????????????????????????????????????????z???????????????????????N?????????????????????46???????????t??????????????????tunnel?inf??????????????????????????????????? ?????????????????????1????????????????????????6.1.7600.16385??????????????????????????????????????Typ?????Typ??????????????i??????????????????? ?????????????????????1????????????&???????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?p??? ?????????????????????1????????????&????????????????????a??? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? l??????_?????l?????????????T??????????ce??? 4?????????????s.??????ev??{4d36e972-e325-11ce-bfc1-08002be10318}\0281?? ???????????5???????????????????????????????????????????????????e????????ml?r??????????????????????? ?????????????????????1???
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ??????????????????????????,Po??czenie lokalne* 39???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????0Karta Microsoft 6to4 #32??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ????????????????????????????????????????????? ???????@????????????????????$?N?????????????????????????????????N??????????????????????????A??????????? ???????c?????\De??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{557F5451-E2CD-4EDA-B938-40EF67F793A2}] DATAGRAM 114?????????????T????????m?Tc????????????????????????????????????????0??????4??-7??? ???????U?????????????,????????$?w?<???????????????????????????????08??? ???????U?????????????,????????$???<???????????????????????????????.i??????????????dw????????????????????????????????????????????z?????????????Typ?????????????? ???????Z?????????????1??????????X?&???????????????????????? ???????????????????z?1??????*?0??? ???????6-??????????????????????????????????????? ????????????????????????????"???????????????????X??????????t??? ???????U?????????????,??N?????$?v?<???????????????????????????????69???????????4??????????dw?????????????????e??????????????.Po??czenie lokalne* 116?????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route ?????????????????????h??? ???????}???????????l????????"???t?????????8????????????3??CF??int?-4???????????C???e??tunnel??sy????>??????E??????Sterownik karty Microsoft 6to4?-9F??? ??????????????????????????????"??? ??????.pl??????? ????????????????????????"?????l?b?????ot??{4d36e972-e325-11ce-bfc1-08002be10318}?pSv??? ???????D?????Fir??? ????????????????????????????$?N?p?????????{4d36e972-e325-11ce-bfc1-08002be10318}\0112??"??????????? ????????????N?????????????????{D4D8ACF8-B9DD-4D9E-8AC4-B48A11492531}??????????????????????????tunnel?1-C??????????????????????? ?????????????????????1?????????????????????????????3??FC??*6to4mp?????? ???????1?????????????,??N?????$?b?<???????????????????????????????02??? ?????????????????????,????????????'????????????????????}????????????$??????\???????N??Root\*6TO4MP\0096????????????????4??????CA??\\?\Root#*6TO4MP#0096#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{FF114274-64F6-42A4-B152-A637E42781E8}?BT??????? ???????:?????????????:????????????&????????????????????N??? ???????_?????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ????8???*6to4mp?4F??? ???????????????????|????????"??????????????????????????????????????????????????"??????????????????????? ???????????????????|????????"?????????????????????????6-21-2006???????3?????????????????????m?????????????????????????????????? ???????????????????|????????"?????????????????????*6to4mp???????0??????????t??????????????F}??????? ????????????????????????"?????l???????15??? ????????????????????????"?????l???????,%??????5C??????????????????????????????? ???????????????????|????????"?????????????????*6to4mp?FF???????????????????????t??????*6to4mp?????*6to4mp?????*6to4mp?18??*6to4mp??y??*6to4mp?A2????`?????????????????????????????????text????????????Microsoft???tunnel?4BE???????????????????l???e??????????????nettun.inf??????????????????????????????????????????AT??? ????????????????????????????????????????????sF}?????.??????f??s???text????????????????????levice\NetBT_Tcpip_{973CC8DF-BEA2-4D8F-B016-DDAC4B7CC70F}] SEQPACKET 53????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind ???.?U??? ???????.?????7?????:????"???&??????????????1??? ???.???.???????e???.???.???????.??PCI\VEN_8086&DEV_2A42&REV_09?PCI\VEN_8086&DEV_2A42?PCI\VEN_8086&CC_030000?PCI\VEN_8086&CC_0300?PCI\VEN_8086?PCI\CC_030000?PCI\CC_0300????.????N??.?????????DSR???????????.???????/???????'???9?????????????e6.??msv1_0??????2??????????????????.?/???.??? ???????.?????:???????1???????????????????????.?????6?8???????9?&?:?&?????.?0???.??PCI\VEN_8086&DEV_2A43&SUBSYS_18621043&REV_09?PCI\VEN_8086&DEV_2A43&SUBSYS_18621043?PCI\VEN_8086&DEV_2A43&CC_038000?PCI\VEN_8086&DEV_2A43&CC_0380????? ???.???i???????.?????.??????"??.????????????????????????z??/???????????????????????????????????/??? ???????8?????.???????1????????????&????????????????????u?????:???.???8???:?????.??PCI\VEN_8086&DEV_2A43&REV_09?PCI\VEN_8086&DEV_2A43?PCI\VEN_8086&CC_038000?PCI\VEN_8086&CC_0380?PCI\VEN_8086?PCI\CC_038000?PCI\CC_0380????.???9?9?????:?:?:??????? ???8???.?????.?/???????????????????????????????????T???????????????????.??????e????V??? ???????.?????????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route ???.?/???.??? ???????.?????:???????1???????????????????????.?????6?8???????9?&?:?&?????.?0???.??PCI\VEN_8086&DEV_2A43&SUBSYS_18621043&REV_09?PCI\VEN_8086&DEV_2A43&SUBSYS_18621043?PCI\VEN_8086&DEV_2A43&CC_038000?PCI\VEN_8086&DEV_2A43&CC_0380????? ???.???i???????.?????.??????"??.????????????????????????z??/???????????????????????????????????/??? ???????8?????.???????1????????????&????????????????????u?????:???.???8???:?????.??PCI\VEN_8086&DEV_2A43&REV_09?PCI\VEN_8086&DEV_2A43?PCI\VEN_8086&CC_038000?PCI\VEN_8086&CC_0380?PCI\VEN_8086?PCI\CC_038000?PCI\CC_0380????.???9?9?????:?:?:??????? ???8???.?????.?/???????????????????????????????????T???????????????????.??????e????V??? ???????.???????????.????????"??????????f?????9???.???8?????????????.???.???e???.??PCI\VEN_8086&DEV_2937&SUBSYS_18671043&REV_03?PCI\VEN_8086&DEV_2937&SUBSYS_18671043?PCI\VEN_8086&DEV_2937&CC_0C0300?PCI\VEN_8086&DEV_2937&CC_0C03????? ???.???r???????.??usbuhci??/???????????????????????????????????.?????????????)?????????.???????;??? ???????.?????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export ???/?/???????.???9???????????????/???????P?????? <??????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????,??? ???????8???????????????[???????????????g?g?f???????????????????????????s???/???????????????U?????7???????0???0???0????????? ???/?????????????????4?????4?4?/??????????????????????????PCIIDE\IDEChannel\4&13d37a7d&0&0??????&??/???????????i???/??????????????????????0???????????????cdrom????????????9??????????CDROM???Mobile Intel(R) 4 Series Express Chipset Family?Chipset Family (Microsoft Corporation ? WDDM 1.1)????????.??????4???? ???/???-??????????????????disk?3???????????9????????a48D???/?????????????????????????????????????? ????f??????#{??Mouse???? ???????-?????/????????????????????(????????????????????????"???????????????????????????????????????????????????????????????????????????????????????????????/???????/??? ??????Net??????????[??????????????? ???????9??????e???athr???????? ?????????e? ???Posix?? ? ??256?????Debug?W
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???o???????? ??????????s?4????\??t?????????e?????????k???????????????????????????????????????????????????k??? ???????g?k?k?k??????????X??t?????????e?????k?}?|??????????????????????s????????????D???E????P??t?????????e?????k???k??{00000000-0000-0000-0000-000000000000}?????????????????????????????????????s?&?????????????????s?????k?k?k?k????s???{8ECC055D-047F-11D1-A537-0000F8753ED1}?ft?????????????????????????????:??????c?gxe??? ???????k?????k?????k???????????????????????9???????????9???????9??? ???????k???????????k??????????N???????.1??????????????s????????k???4???e??WfpLwf?4?4???t?}?|??{71a27cdd-812a-11d0-bec7-08002be2092f}?????????? ????m?????s?????????k??????????WudfPf???????????k???????e??fltmgr?????????????????????????????????????sN???????????????????vwififlt?I????N??u?????????e??????N??v?????????e?????}?|?|??USB?????? ??k???????????????????????????????????k?k?k?k?????.??KL1??????k???k???k???k???????????????.???????????o???s??? ???????k?????k?????k?????????????? ???????????????????????????????? ???????k?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???s?s???????U???8??s????????i??@usbport.inf,%pci\ven_8086&dev_2935.devicedesc%;Uniwersalny kontroler hosta USB Intel(R) ICH9 Family - 2935???????>??????/?g?/??? ????????????????????2?????????????16???????????s?s?t???i??????????????????????????????????????? ??ri???i?ier???????????????????????i???????????i?i (???????????l??r???? ???????i?????i???????1????????????&??????????????????????????i????tunnel??????? ???????i?????i???????1????????????????????????????? ???????i???????????i?1????????????????????usbport.inf:Intel.Section.NTx86:EHCI.Dev:6.1.7600.16385:pci\ven_8086&dev_293c????????i???????????i?i&d?????????????????????i????? ???????i?????i???????1?????????????????????i?i????????? ???????i???????????i?1?????????????????????????i???:???????????????????????????&?????i????? ???????i?????i???????1???????????????????????i???i???i????????? ???????i???????????i?1?????????????????????????i???3??1}???????:???i?i?????i?i???????i????? ???????i ????i???????1????????????&????????????????????:??? ???????i?????i???????1???
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ?????????????v???s???????????????`???????????????t??Root\*6TO4MP\0064????????????F??????1}??? ???????s?????s???????????????????? ?????? ???????s????? ???????s???????????????????????????????????????s?s?s??? ???????s????????????????????r?p??? ?????????????l??s?????????????????????????????X???(??????P????????????(??????P???????????????l??s?????????????????????????????X???(??????P????????????(??????P???????????????l??s??????????????/??????????????X???(??????P????????????(??????P??????????????'0??s???,???????????????????/???????????????????????????;????:??s????????h???????D??s???9?????????????????????????0???(??????P???????????????D??????c????????????/e10???????????????????????s???????s????????????H??s?????????????????????????4?????????? ???????????????????H??s???????????/?????????????4?????????? ???????????????????0??s?????????????????s???s???????s?????????????????????????????????9p??s????????????????????????????????/????????????????\???(??????P??????????????????? ?????????????????LocalSystem?????? ???????s?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???s?s??????????? ???????s????????????????????,?B??? ???????????? B??s??????????????%SystemRoot%\System32\ikeext.dll?????????????????????????????????s?????????n????IkeServiceMain??????? ???????s?????s???????????????????????????o???????s???s????? ???????s???????????s??????????\?????0????????????????????????s0????????s????????????????????????\??s??????0???500?UDP?%windir%\system32\svchost.exe?IKEEXT?????s?s?s?s?s????????????????0?????? ???????o?????s????????????????????????????? ???????s?????????????????????????? ??????????????s????? ???????o???????????s??????????T???????????????????????t????????????????????s?s?s????????????????????????T??s????????h???????(??s??????p????s?s?s?s?s?s???????s???s????\SystemRoot\system32\DRIVERS\intelide.sys???System Bus Extender???????N??s???????????d??mshdc.inf_x86_neutral_f64b9c35a3a5be81??????????? ???????o??????????????????????J???????????system32\DRIVERS\intelppm.sys?ntelppm.sys??????????????????e????????????System32\DRIVERS\netbt.sys??????????????????t????????v??????e2?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???s????Net??z??? ???????s???????????s????????,????? ???????????????????????????????????????d???????????????e????????s??????????????????KeyboardClass??????????????????????????????????????????????????????s????? ???????o?????s????????????????T???????????????????????t?????????????????????????????????????????P??s????????h?????\SystemRoot\system32\DRIVERS\kbdhid.sys??????? t?????t????(??s?????????e????Keyboard HID Driver??????????s??????p???Keyboard Port???LocalSystem?????? ?t????Net???????T??s???????????d??hidirkbd.inf_x86_neutral_b7b6ffb126da2654??????????????g?????t??? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s?????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ? ?t????Net???????T??s???????????d??hidirkbd.inf_x86_neutral_b7b6ffb126da2654??????????????g?????t??? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s??????????????????????????????0????????????????????????????????????? ????????????????????????????????????????????????????????????t????? ???????o???????????s??????????8????????????????s???0???2???t?????????????g ???????????????t????????????????5!??????t?t?t?????????????????t?????????s????????????????????????????????:??????????????????T??????s???Net?????Typ?????????????????? ???????o??????????????????????:????????g??????????????????????????tunnel?c36???????v????`??t?????????e???????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???k?????????????l??Net?????LegacyDriver????*6to4mp?? ??????47???????l???D??25????(??l???7??F9??????????????????????????? \??????4??????????mrxsmb???????????&?????????????????s???????????????????s?????????i??????p????l???????????????k???B???\???k??? ???????k?????k?????l????????????E??????????????????????????????4??? ???????k???????????k??????????\???????s????k?k?k?k?k?k?k????X????????????????k?&???????l??????????????????? ???????k?????k?????k????????????$??????????R???????k???.??s6???l??? ???????k???????????k??????????b???????????LegacyDriver?????k??tunnel?A80???l?????k?&?????????????????s????????????? ?????s?????????l??????s?????????????????????X??|?????????e?????l??????????*6to4mp??3???????????????????????????n??VNUSB???LegacyDriver? ?????????????????????????s????ROOT\VOLMGR???????V??z?????????e?????l??? ???????k?????k?????k????????????&? ???????B????????????,???????/??? ???????k???????????k??????????P????????????????????k?k?k?k?l?l?k???k?????????????k?&????N??????????????????k?k?l?k?k?????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ???p??????n????????????e????system32\drivers\csc.sys?????????p???????s?????s?s???r?rp???Video Init????????????????$??p??????????????Global\MMF_BITS_s????o?o?p?p?p?p?p?p?p?p?p?pPe???????|??????????????????????????????????????????Net??????????????p???????p??????????????????????t???? ??????????????r????????????????????????? ??o?????????t????? ????????????????????????????????p??????r?r?p??? ???????p???????????p??????????????????????????????4?? ?????????? ????\???????????????????? ??????????????????????????? ??????? ????????p?????o???o???p????????? ???????o???????????p??????????T?-?????????Application??????p??System Bus Extender??????l?l??????????????????????????????>??p?????????e????????????????????????????????????t???????????????????????????f}??????????? ???????r?rf???? ???????o??????????????????????P?.???????????Z??p?????????n??????b??p?????????e????*6to4mp?????????????????t?????????????0??s??????p???@%SystemRoot%\system32\clfs.sys,-101???????p?????????@???????????p???????????q?q?q??????????????? ?????????p???
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ???s?s???r?rp???Video Init????????????????$??p??????????????Global\MMF_BITS_s????o?o?p?p?p?p?p?p?p?p?p?pPe???????|??????????????????????????????????????????Net??????????????p???????p??????????????????????t???? ??????????????r????????????????????????? ??o?????????t????? ????????????????????????????????p??????r?r?p??? ???????p???????????p??????????????????????????????4?? ?????????? ????\???????????????????? ??????????????????????????? ??????? ????????p?????o???o???p????????? ???????o???????????p??????????T?-?????????Application??????p??System Bus Extender??????l?l??????????????????????????????>??p?????????e????????????????????????????????????t???????????????????????????f}??????????? ???????r?rf???? ???????o??????????????????????P?.???????????Z??p?????????n??????b??p?????????e????*6to4mp?????????????????t?????????????0??s??????p???@%SystemRoot%\system32\clfs.sys,-101???????p?????????@???????????p???????????q?q?q??????????????? ?????????p?????p????"??p??????p?????4??p??????????????????????????t??????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???n?????????????????????????????????????????????????????????????????????????9???????????????????????????????????6????????????????X?????????????*6to4mp??????,?,?m?m?m?m?,?n?n?n?n?n?n???????n???V??00??????????ASUSX???????????????????????????Net?#?????????????????????m??????????????????????????????|???????u???t???????????????????v?v?v??? ???????n???????????n?,?????? ???????????????????????????????m???????????????????????????????N??????e????Dlne????????????????????m??n???????n????????????????????????????????????????????????????????????:??????6?gF-??????????????????????t????????????????????????k??????p?????????????????????????2?????????????????tunnel?441??????00???d????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adp94xx.sys?y???????n??????p???SCSI Miniport?????R??n???????????d??adp94xx.inf_x86_neutral_4928c8870f6a1577?????n?n?n?n?n?n????????????????t?????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adpahci.sys?y???????n??????p???SCSI Mi
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ???p?p???k?k?????????????????????????????k?l?p?p?????k?l?l?s?s?o?l???????p?????????e??????????????????????????????????????????????????????????????@FirewallAPI.dll,-23521???????@FirewallAPI.dll,-23522???????MPSSVC?????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P???????????????????????????bitsctrs.ini????Event Log????&???????????????????????????????&???????????????????????????????&??????????????????????????????system32\DRIVERS\bowser.sys?????@%systemroot%\system32\browser.dll,-103?????ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)??????cdrom.inf_x86_neutral_db87d184bc84f910??????@%SystemRoot%\system32\clfs.sys,-100??????J??p?????????n?????????????????????????????p???p??ei??????????????????????? ???????o???????????o????????L??????????????&???p?????????????????????????????????????????????????????????????????#????????????????????@FirewallAPI.dll,-23501??????????????????????????&?
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ???t?t???????????????t?????????e??????Z??t????????h??????????{??????os???? ??t??????p??????? ????????????????t???????????e??SamSS?Srv?????????,??????????????????????????????????????????t??????????????????SeChangeNotifyPrivilege?SeImpersonatePrivilege?SeAuditPrivilege?SeLoadDriverPrivilege????????t?t?t?t?t?t?t?t?t?t?t??????????? ???????u???????????t?????????????? ?????????????????????????y?????? ???????o?????t?????t??????????R???????????????????????t??????????????????????t??????????????????????????P??t????????h?????\SystemRoot\system32\DRIVERS\parvdm.sys?????RpcSs????????????t??????p???Extended Base????????t???????????e??Parport??&???????????,???,??? *??t??????????p???Parallel arbitrator???????R??t???????????d??msports.inf_x86_neutral_c1a802e06677f73f?????t?t?t?t?t?t?t?t????? ???????t?????????????????????????? ???????????? ???????o?????u?????u????????$???????????????J??t?????????e????@%SystemRoot%\system32\pcasvc.dll,-1?????????????????????????????t????????h?????%systemroot%\system32\svchost.exe -k LocalSyste
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???j?t???j??????????????? ???????j?????j???????1????????????&???????????????????????? ???????j?????????????1???????????????????????j????? ???????j?????????????1????????????????????? ???????j?????????????1?????????????????????????????????????j??? ???????j?????????????1????????????????????? ???????j?????????????1?????????????????????????j???e??2-?????????????j????? ???????j?????????????1????????????????????? ???????j?????????????1????????????????????? ???????j?????????????1???????????????????????j???j???j???j???j???j???j???j???????????????????j?????????j??????????atapi_Inst???????????????????????j?j????????? ???????j?????j???????1????????????&????????????????????u??? ???????j?????j???????1????????????????????? ???????j???????????j?1????????????????????@system32\DRIVERS\pci.sys,#3075;Universal Serial Bus (USB) Controller?egowej (USB)??~???? ???????j?????j???????1????????????&????????????????????????????????F?????sA5??? ???????j?????j???????1????????????????????? ???????j???????????j?1?????????????????????????j?
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???p?????????@???????????p???????????q?q?q??????????????? ?????????p?????p????"??p??????p?????4??p??????????????????????????t???????????????????????Net??????????????????????r?r????? ???????o?????p?????p??????????Z?/???????????????????????????????????????????????T??p????????h?????\SystemRoot\system32\DRIVERS\BrFiltLo.sys?????Z??p?????????e????Brother USB Mass-Storage Lower Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????p???????????p??????????,??? ?????????????,??p???????????s??/GR=OFF /TO=10 /OW=30???? ???????o???????????p??????????Z?0?????????????????????t?????????????????????????????????????????T??p????????h????????p???p??????Z??p?????????e???????p?????p??????????????\SystemRoot\system32\DRIVERS\BrFiltUp.sys???Brother USB Mass-Storage Upper Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????o?????p?? ?????????????Z?1??????r??%System
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???t?????????s????????????????????????????????:??????????????????T??????s???Net?????Typ?????????????????? ???????o??????????????????????:????????g??????????????????????????tunnel?c36???????v????`??t?????????e????????????????????????????????????????????g?????\??t?????????n?????????????d?????????V2A????N??v?????????n????t???6-21-2006???? ???????o?????t?????t????????@?????????m?????$??t?????????e????@comres.dll,-2946????????t????????h?????%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation?????$??t?????????n????@comres.dll,-2947???? 8??t??????????????NT AUTHORITY\NetworkService??????????????????????????????????????????????t?????????????? ????????????????t???????????e??RPCSS?SamSS???????,??t????????????????????????????????????2??t??????????????????SeChangeNotifyPrivilege?????? F??t???????????????t??? ???????????????????????????????????????????????????t?t?t?t?t?t?t?t?t?t?t?t????? ???????t???????????t????????,?F??? ???????????%systemroot%\system32\msdtckrm.dll????????"??t?????????n????KtmRmServic
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind ???m?v????N???????????????????~??m??? ????????r??????5?g?5???{?{?????????????????????m?m?3???????????????3???????m???2??????Microsoft????m?mme???????????????????????????3???????m?m????? ??????????????x???x???? ???????l?????l???????1?????????????????????m???????????????????????????3???????m???a??in??msmouse.inf??????m?m?m??MSDMine?????? ???????m???????????l????????????????????????s?????? ???????m???????????????????????????????f??? ???????m?????m???????1??L????????? ??????????????m???m???m????????? ???????m?????m???????1????????????&???????????????????????? ???????m?????m???????1????????????????????? ???????m???????????l?1?????????????????????????????3???3???????????C??ss???m?m???????m????? ???????m?????m???????1???????????????????????m???m????? ???????m???????????l?1?????????????????????????????????????????l???????????l?m???????m????? ???????m?????m???????1????????????&??????????????????????????m???m????? ???????m?????m???????1????????????????????? ???????m???????????l?1????????????????????? ???????m?????????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route ???m?v???????????v?????m????? ???????m?????m???????1????????????????????6.1.7600.16385?3?????m?m????????? ???????m???????????m?1?????????????????????????????????e???????m???????3?????????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1?????????????????????????????6????????8??p????????h??????????m???m?m?m?????????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1???????????????????????????????????s?????????????n?????s????tunnel?C18?????m????? ???????m?????m???????1???????????????????????m???m???m???m???m???m???m???m???m????????????? ???????m???????????m?1?????????????????????m?m???????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1??????????????????????X??????&???&???????m??????e??????????????????????????????m????? ???????k?????m??????????????????^??????U??? ???????m?????m?????m????"?????????????????@umbus.inf,%umbusroot.devicedesc%;Modu? wyliczaj?cy magistrali g??wnej UMBus? ???m?mem??nd?????m?&????N??n??? ?????D?4??6&204e05bc&0?7??STO
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export ???j?t???????.??????????{36fc9e60-c465-11cf-8056-444553540000}?.?.??ATA Channel 0????????j?????????????????s??????????????????????:??k?????g??????\??t?????????e?????????????j???????z?z?z??{4d36e972-e325-11ce-bfc1-08002be10318}?rot??? ???e???0????????????:??????0?g-B???????????????k?????????????????????????j????@usbport.inf,%pci\ven_8086&dev_2939.devicedesc%;Uniwersalny kontroler hosta USB Intel(R) ICH9 Family - 2939??????????/??????s???? ???????j?????j?????j????(???$????????????????????????????????????????4?????????j??????????????\??\PCI#VEN_8086&DEV_2939&SUBSYS_18671043&REV_03#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}??????j?jon??????????? ???????j?????j???????-??4????????????????????? ??????j????? ???????j?????????????-?????????????????????y?????j????? ???????j???????????j????????"??????????f???????j ???????????r???????????Z????????????????? ??????????????? ? ?????????????????????????????????????????????? 4??j?????????????????????????????? ????????????j?j????????-0???j??? ???????j?????j???????
Reg HKLM\SOFTWARE\Classes\.aglib@ AdobeLightroom.Aglib
Reg HKLM\SOFTWARE\Classes\.aglib\AdobeLightroom.Aglib
Reg HKLM\SOFTWARE\Classes\.aglib\AdobeLightroom.Aglib\ShellNew
Reg HKLM\SOFTWARE\Classes\.agmodule@ AdobeLightroom.agmodule
Reg HKLM\SOFTWARE\Classes\.agmodule\AdobeLightroom.agmodule
Reg HKLM\SOFTWARE\Classes\.agmodule\AdobeLightroom.agmodule\ShellNew
Reg HKLM\SOFTWARE\Classes\.agtoolkit@ AdobeLightroom.agtoolkit
Reg HKLM\SOFTWARE\Classes\.agtoolkit\AdobeLightroom.agtoolkit
Reg HKLM\SOFTWARE\Classes\.agtoolkit\AdobeLightroom.agtoolkit\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrcat@ AdobeLightroom.lrcat
Reg HKLM\SOFTWARE\Classes\.lrcat\AdobeLightroom.lrcat
Reg HKLM\SOFTWARE\Classes\.lrcat\AdobeLightroom.lrcat\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrdb@ AdobeLightroom.lrdb
Reg HKLM\SOFTWARE\Classes\.lrdb\AdobeLightroom.lrdb
Reg HKLM\SOFTWARE\Classes\.lrdb\AdobeLightroom.lrdb\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrmodule@ AdobeLightroom.lrmodule
Reg HKLM\SOFTWARE\Classes\.lrmodule\AdobeLightroom.lrmodule
Reg HKLM\SOFTWARE\Classes\.lrmodule\AdobeLightroom.lrmodule\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrtemplate@ AdobeLightroom.lrtemplate
Reg HKLM\SOFTWARE\Classes\.lrtemplate\AdobeLightroom.lrtemplate
Reg HKLM\SOFTWARE\Classes\.lrtemplate\AdobeLightroom.lrtemplate\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrtoolkit@ AdobeLightroom.lrtoolkit
Reg HKLM\SOFTWARE\Classes\.lrtoolkit\AdobeLightroom.lrtoolkit
Reg HKLM\SOFTWARE\Classes\.lrtoolkit\AdobeLightroom.lrtoolkit\ShellNew
Reg HKLM\SOFTWARE\Classes\.lrweb@ AdobeLightroom.lrweb
Reg HKLM\SOFTWARE\Classes\.lrweb\AdobeLightroom.lrweb
Reg HKLM\SOFTWARE\Classes\.lrweb\AdobeLightroom.lrweb\ShellNew
Reg HKLM\SOFTWARE\Classes\.opd\shell
Reg HKLM\SOFTWARE\Classes\.opd\shell@ Open
Reg HKLM\SOFTWARE\Classes\.opd\shell\Open
Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command
Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command@ "C:\Program Files\ScanSoft\OmniPageSE4.0\OmniPage.exe" "%1"
Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command@command _z0CgvzR!AjZTLSR74XROmniPageSE>71eXRjo`j=y^f6(a,Pqx "%1"?
Reg HKLM\SOFTWARE\Classes\.opd\ShellNew
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2@ FieldListCtrl.2 Object
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CLSID
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CLSID@ {444D2D27-02E8-486B-9018-3644958EF8A9}
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CurVer
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CurVer@ ACCWIZ.FieldListCtrl.2.8
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8@ FieldListCtrl.2 Object
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8\CLSID
Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8\CLSID@ {444D2D27-02E8-486B-9018-3644958EF8A9}
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2@ ImexGridCtrl.2 Object
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CLSID
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CLSID@ {7466A304-ABF5-4998-88AE-F78D6F134E00}
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CurVer
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CurVer@ ACCWIZ.ImexGridCtrl.2.8
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8@ ImexGridCtrl.2 Object
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8\CLSID
Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8\CLSID@ {7466A304-ABF5-4998-88AE-F78D6F134E00}
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom@DefaultIcon C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\Lightroom.exe
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell@ open
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open@ &Open
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open\command
Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open\command@ C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\Lightroom.exe "%L"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open@ &Open in Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open@ Install with Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open@ Install with Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open@ &Open in Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open@ &Open in Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open@ Install with Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open@ Install with Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open@ Install with Lightroom
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"?
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent@ InstallShield Update Service Agent
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent\CLSID
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent\CLSID@ {E9880553-B8A7-4960-A668-95C68BED571E}
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1@ InstallShield Update Service Agent
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1\CLSID
Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1\CLSID@ {E9880553-B8A7-4960-A668-95C68BED571E}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute@ Attribute Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CLSID@ {54BA1E8F-818D-407F-949D-BAE1692C5C18}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CurVer@ CAPICOM.Attribute.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1@ Attribute Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1\CLSID@ {54BA1E8F-818D-407F-949D-BAE1692C5C18}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate@ Certificate Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CurVer@ CAPICOM.Certificate.2
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1@ Certificate Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2@ Certificate Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates@ Certificates Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CurVer@ CAPICOM.Certificates.2
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1@ Certificates Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2@ Certificates Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain@ Chain Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CurVer@ CAPICOM.Chain.2
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1@ Chain Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2@ Chain Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62}
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData@ EncryptedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CLSID@ {A440BD76-CFE1-4D46-AB1F-15F238437A3D}
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CurVer@ CAPICOM.EncryptedData.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1@ EncryptedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1\CLSID@ {A440BD76-CFE1-4D46-AB1F-15F238437A3D}
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData@ EnvelopedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CLSID@ {F3A12E08-EDE9-4160-8B51-334D982A9AD0}
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CurVer@ CAPICOM.EnvelopedData.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1@ EnvelopedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1\CLSID@ {F3A12E08-EDE9-4160-8B51-334D982A9AD0}
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty@ ExtendedProperty Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CLSID@ {9E7EA907-5810-4FCA-B817-CD0BBA8496FC}
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CurVer@ CAPICOM.ExtendedProperty.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1@ ExtendedProperty Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1\CLSID@ {9E7EA907-5810-4FCA-B817-CD0BBA8496FC}
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData@ HashedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CLSID@ {CE32ABF6-475D-41F6-BF82-D27F03E3D38B}
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CurVer@ CAPICOM.HashedData.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1@ HashedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1\CLSID@ {CE32ABF6-475D-41F6-BF82-D27F03E3D38B}
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID@ OID Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CLSID@ {7BF3AC5C-CC84-429A-ACA5-74D916AD6B8C}
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CurVer@ CAPICOM.OID.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1@ OID Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1\CLSID@ {7BF3AC5C-CC84-429A-ACA5-74D916AD6B8C}
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey@ PrivateKey Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CLSID@ {03ACC284-B757-4B8F-9951-86E600D2CD06}
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CurVer@ CAPICOM.PrivateKey.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1@ PrivateKey Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1\CLSID@ {03ACC284-B757-4B8F-9951-86E600D2CD06}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings@ Settings Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CLSID@ {A996E48C-D3DC-4244-89F7-AFA33EC60679}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CurVer@ CAPICOM.Settings.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1@ Settings Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1\CLSID@ {A996E48C-D3DC-4244-89F7-AFA33EC60679}
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode@ SignedCode Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CLSID@ {8C3E4934-9FA4-4693-9253-A29A05F99186}
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CurVer@ CAPICOM.SignedCode.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1@ SignedCode Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1\CLSID@ {8C3E4934-9FA4-4693-9253-A29A05F99186}
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData@ SignedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CLSID@ {94AFFFCC-6C05-4814-B123-A941105AA77F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CurVer@ CAPICOM.SignedData.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1@ SignedData Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1\CLSID@ {94AFFFCC-6C05-4814-B123-A941105AA77F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer@ Signer Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CurVer@ CAPICOM.Signer.2
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1@ Signer Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2@ Signer Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store@ Store Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CurVer@ CAPICOM.Store.2
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1@ Store Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2@ Store Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities@ Utilities Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CLSID@ {22A85CE1-F011-4231-B9E4-7E7A0438F71B}
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CurVer
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CurVer@ CAPICOM.Utilities.1
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1@ Utilities Class
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1\CLSID
Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1\CLSID@ {22A85CE1-F011-4231-B9E4-7E7A0438F71B}
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog@ DWUpdateService
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog\CLSID
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog\CLSID@ {F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1@ DWUpdateService
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1\CLSID
Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1\CLSID@ {F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent@ DWUpdateService
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent\CLSID
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent\CLSID@ {FFF2D28F-E4EE-44D9-8104-8E71556757F6}
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1@ DWUpdateService
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1\CLSID
Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1\CLSID@ {FFF2D28F-E4EE-44D9-8104-8E71556757F6}
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent@ InstallShield Update Service Agent
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent\CLSID
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent\CLSID@ {2837E0FE-686B-4CB0-BE53-0EA097EAF71B}
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1@ InstallShield Update Service Agent
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1\CLSID
Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1\CLSID@ {2837E0FE-686B-4CB0-BE53-0EA097EAF71B}
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML@ PML Class
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML\CLSID
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML\CLSID@ {88721C50-BC58-11D3-A99D-81EAEC5E8E45}
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1@ PML Class
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1\CLSID
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1\CLSID@ {88721C50-BC58-11D3-A99D-81EAEC5E8E45}
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList@ VarBindList Class
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList\CLSID
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList\CLSID@ {88721C4D-BC58-11D3-A99D-81EAEC5E8E45}
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1@ VarBindList Class
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1\CLSID
Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1\CLSID@ {88721C4D-BC58-11D3-A99D-81EAEC5E8E45}
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro@ HP Port Resolve Class
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro\CLSID
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro\CLSID@ {5A5AA0AA-1DEB-4683-96B0-B43301E83971}
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1@ HP Port Resolve Class
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1\CLSID@ {5A5AA0AA-1DEB-4683-96B0-B43301E83971}
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID@ HPBOID Class
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID\CLSID
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID\CLSID@ {D713F357-7920-4B91-9EB6-49054709EC7A}
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1@ HPBOID Class
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1\CLSID
Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1\CLSID@ {D713F357-7920-4B91-9EB6-49054709EC7A}
Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID
Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID@ {0F195FA1-CCF0-11D2-8B20-00A0C93CB1F4}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader@ Downloader Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader\CLSID@ {E9A93328-79D4-4AED-A778-146E7191F8BC}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1@ Downloader Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1\CLSID@ {E9A93328-79D4-4AED-A778-146E7191F8BC}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError@ DownloadError Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError\CLSID@ {623E415A-22EF-4DAA-A2FF-E68E77A673C9}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1@ DownloadError Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1\CLSID@ {623E415A-22EF-4DAA-A2FF-E68E77A673C9}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager@ DownloadManager Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CLSID@ {E50C953D-311A-481B-8F8D-C55E65AF7417}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CurVer
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CurVer@ ISDownloadManager.DownloadManager.1
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1@ DownloadManager Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1\CLSID@ {E50C953D-311A-481B-8F8D-C55E65AF7417}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File@ File Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File\CLSID@ {915C2CEB-216B-4B7C-89E4-9ED3512D58D9}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1@ File Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1\CLSID@ {915C2CEB-216B-4B7C-89E4-9ED3512D58D9}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files@ Files Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files\CLSID@ {92C5E738-7372-4CD6-BE57-15833624EBF3}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1@ Files Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1\CLSID@ {92C5E738-7372-4CD6-BE57-15833624EBF3}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job@ Job Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job\CLSID@ {9CAAD2EA-177B-4D07-871F-47255B5D30F3}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1@ Job Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1\CLSID@ {9CAAD2EA-177B-4D07-871F-47255B5D30F3}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs@ Jobs Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs\CLSID@ {B391A1DB-28C8-4506-A43C-5BD6051F16BA}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1@ Jobs Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1\CLSID@ {B391A1DB-28C8-4506-A43C-5BD6051F16BA}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator@ ProgressCalculator Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator\CLSID@ {621D3650-F1D3-414C-97F9-03A02B211261}
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1@ ProgressCalculator Class
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1\CLSID@ {621D3650-F1D3-414C-97F9-03A02B211261}
Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10@ InstallShield InstallDriver String Table
Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10\CLSID
Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10\CLSID@ {AF0996A6-75B5-457D-B417-49B5FBF97E73}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp@ MSPRDeviceApp Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CLSID@ {58954BCB-A287-407B-90FA-8A8C82A86D9C}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CurVer
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CurVer@ MSPRPIPE.MSPRDeviceApp.1
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1@ MSPRDeviceApp Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1\CLSID@ {58954BCB-A287-407B-90FA-8A8C82A86D9C}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser@ MSPRSourceParser Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CLSID@ {39027B6E-76F9-47F2-882F-72B4458FCF9B}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CurVer
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CurVer@ MSPRPIPE.MSPRSourceParser.1
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1@ MSPRSourceParser Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1\CLSID@ {39027B6E-76F9-47F2-882F-72B4458FCF9B}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData@ MSPRTransferData Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CLSID@ {4114CD5B-25EC-4A3D-96CB-93FABD65691F}
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CurVer
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CurVer@ MSPRPIPE.MSPRTransferData.1
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1@ MSPRTransferData Class
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1\CLSID@ {4114CD5B-25EC-4A3D-96CB-93FABD65691F}
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider@ MSPRProvider Class
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CLSID@ {4E8200A7-DCF2-43F6-B55D-DCCEDF8DF272}
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CurVer
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CurVer@ MSPRSDK.MSPRProvider.1
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1@ MSPRProvider Class
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1\CLSID
Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1\CLSID@ {4E8200A7-DCF2-43F6-B55D-DCCEDF8DF272}
Reg HKLM\SOFTWARE\Classes\OmniPage.Document@ OmniPage Document
Reg HKLM\SOFTWARE\Classes\OmniPage.Document\CLSID
Reg HKLM\SOFTWARE\Classes\OmniPage.Document\CLSID@ {C052D721-7FE1-11D3-8015-00A0C98D3E7F}
Reg HKLM\SOFTWARE\Classes\OmniPage.Document\DefaultIcon
Reg HKLM\SOFTWARE\Classes\OmniPage.Document\DefaultIcon@ C:\Windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\_05889BD9_A033_43B1_A004_42D207E6469E,0
Reg HKLM\SOFTWARE\Classes\OmniPage15@ OmniPage15
Reg HKLM\SOFTWARE\Classes\OmniPage15\CLSID
Reg HKLM\SOFTWARE\Classes\OmniPage15\CLSID@ {899BB9A8-C92B-4373-98C4-10E8AB297DCA}
Reg HKLM\SOFTWARE\Classes\OmniPage15\DefaultIcon
Reg HKLM\SOFTWARE\Classes\OmniPage15\DefaultIcon@ C:\Windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\_7D8B90FC_26C4_47BC_BD44_82AF4DCE0C22,0
Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}@(Default ISSBkgdUpdate
Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}\ProxyStubClsid32
Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}\ProxyStubClsid32@(Default) {00020420-0000-0000-C000-000000000046}

---- EOF - GMER 1.0.15 ----

[/log]

[color=green]//Punkt 5. Regulaminu działu: "Logi wstawiamy w tagi [log ] [/log ] (bez spacji)"
//Mateusz J.[/color]

wirusolog
komentarz
komentarz

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]
:Files
C:\Users\asus\AppData\Local\Temp*.html
C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job

:Commands
[clearallrestorepoints]
[emptyflash]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera.

[b]2.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.

sebas135
komentarz
komentarz

[log]http://wklej.org/id/554240/[/log] OTL
[log]http://wklej.org/id/554241/[/log] raport

wirusolog
komentarz
komentarz

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]
:Files
C:\Users\asus\AppData\Local\Temp*.html

:OTL
SRV - File not found [Auto | Stopped] -- -- (WMPNetworkSvc)
[/code]
Klik w [b]Wykonaj Skrypt[/b].

[b]2.[/b] W OTL wciśnij przycisk [b]Sprzątanie[/b].

[b]3.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy).

sebas135
komentarz
komentarz

MBAM już robiłem kilka dni temu:) Najwyżej powtórzę. Przyjrzałem się wczoraj usługą i z tego co widzę to duże zużycie procesora powoduje svchost.exe do którego podpięty jest klient dns i rozpoznawanie lokalizacji w sieci. Jest jakaś możliwość coś z nimi zrobić ? Czytałem ze rozpoznawanie można ponoć wyłaczyć ale u mnie to powoduje jakieś błedy w internecie (według ikony na pasku start mam ograniczony dostęp natomiast w przegladarce wszystko chodzi ok).

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.