sebas135 utworzono 27 czerwca 2011 utworzono 27 czerwca 2011 Cześć. Od kilku dni mam problem z moim laptopem AsusK50ij. Po uruchomieniu komputera zużycie procesora osiąga 100% i trzyma się tak około 3 minuty. Odpowiedzialny za to jest głownie svchost.exe (852 i 1124). Po drugie zacina mi muzyka w trakcie odtwarzania ale nie wiem czy to przez ten procesor czy to już inna kwestia. Proszę o pomoc i wskazówki. Czy da radę coś z tym zrobić czy pozostaje tylko format? Piszcie proszę jakie dane potrzebujecie jeszcze bo słabo się na tym znam:)
wirusolog komentarz 28 czerwca 2011 komentarz 28 czerwca 2011 Nie mogę otworzyć załączników bo wyskakuje mi: [quote] [b][#10171] Nie masz uprawnień do pobrania tego załącznika[/b] [/quote] Proszę o wysłanie logów i screena na jakiś hosting, logi np. na wklej.org / screena na imageshack.us
sebas135 komentarz 28 czerwca 2011 Autor komentarz 28 czerwca 2011 (edytowane) [log] OTL logfile created on: 2011-06-27 21:27:59 - Run 4 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\asus\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,44% Memory free 5,93 Gb Paging File | 4,95 Gb Available in Paging File | 83,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 73,27 Gb Free Space | 75,03% Space Free | Partition Type: NTFS Drive D: | 97,66 Gb Total Space | 73,58 Gb Free Space | 75,35% Space Free | Partition Type: NTFS Drive E: | 102,78 Gb Total Space | 95,68 Gb Free Space | 93,10% Space Free | Partition Type: NTFS Computer Name: ASUSX | User Name: asus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-25 14:57:47 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\asus\Downloads\OTL.exe PRC - [2011-06-16 06:51:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-08-12 14:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2009-03-23 08:52:14 | 017,149,952 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-25 14:57:47 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\asus\Downloads\OTL.exe MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (WMPNetworkSvc) SRV - [2010-06-26 16:26:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-03-25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-10-05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009-08-23 05:06:38 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:53:40 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009-03-20 08:21:38 | 000,984,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008-08-11 04:14:12 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-02-01 17:24:04 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) DRV - [2007-07-31 02:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006-04-07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 20:35:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 20:35:14 | 000,000,000 | ---D | M] [2011-06-24 21:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\asus\AppData\Roaming\mozilla\Extensions [2011-06-24 21:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- [2011-06-16 06:51:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011-06-24 02:31:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [HControl] C:\Windows\ATK0100\HControl.exe () O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.7.228 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-27 20:55:30 | 000,000,000 | R--D | C] -- C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8 [2011-06-27 20:36:11 | 000,038,480 | ---- | C] (CANON INC.) -- C:\Windows\System32\IJRMF.exe [2011-06-27 19:47:16 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011-06-27 17:44:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs [2011-06-27 10:40:50 | 000,000,000 | ---D | C] -- C:\Users\asus\DoctorWeb [2011-06-26 19:45:19 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2011-06-26 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\RealDrawPRO4 [2011-06-26 00:59:22 | 000,000,000 | ---D | C] -- C:\_OTL [2011-06-25 21:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip [2011-06-24 23:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2011-06-24 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\Malwarebytes [2011-06-24 22:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-06-24 22:08:21 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-06-24 22:08:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-06-24 22:07:53 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2011-06-24 22:07:53 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2011-06-24 22:07:53 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2011-06-24 22:07:53 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2011-06-24 22:07:41 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-06-24 22:07:41 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-06-24 22:07:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-06-24 22:07:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-06-24 22:07:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-06-24 22:07:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-06-24 22:07:40 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-06-24 22:07:39 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-06-24 22:07:39 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-06-24 22:07:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-06-24 22:07:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-06-24 22:07:31 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011-06-24 22:07:31 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011-06-24 22:07:30 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011-06-24 22:07:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011-06-24 22:07:27 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-06-24 22:07:27 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-06-24 22:07:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2011-06-24 22:07:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011-06-24 22:07:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2011-06-24 22:07:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2011-06-24 22:07:18 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011-06-24 22:07:11 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011-06-24 22:07:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011-06-24 22:06:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-06-24 22:06:59 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-06-24 22:06:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011-06-24 22:06:51 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2011-06-24 22:06:51 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2011-06-24 22:06:47 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2011-06-24 22:06:45 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2011-06-24 22:06:43 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011-06-24 22:06:30 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2011-06-24 22:06:26 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2011-06-24 22:04:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011-06-24 22:04:23 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011-06-24 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\foobar2000 [2011-06-24 20:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000 [2011-06-24 02:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011-06-24 02:31:35 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011-06-24 01:01:44 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011-06-21 14:12:23 | 000,000,000 | ---D | C] -- C:\Users\asus\Desktop\ogłoszenie [2011-06-21 13:51:07 | 000,000,000 | ---D | C] -- D:\xzcz\Praca [2011-06-06 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\Scansoft [2011-06-06 11:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2011-06-06 11:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHORTCUT_FOLDERNAME [2011-06-06 11:54:29 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\ScanSoft [2011-06-06 11:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0 [2011-06-06 11:54:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared [2011-06-06 11:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft [2011-06-06 11:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft [2011-06-06 11:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2011-06-06 11:51:46 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2011-06-06 11:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP160 [2011-06-06 11:51:13 | 000,197,632 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM83.DLL [2011-06-06 11:51:08 | 000,106,496 | ---- | C] (Canon Inc.) -- C:\Windows\System32\cnco160.dll [2011-06-06 11:51:07 | 001,298,432 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCC160.DLL [2011-06-06 11:51:07 | 000,135,168 | ---- | C] (Canon Inc.) -- C:\Windows\System32\CNCL160.DLL [2011-06-06 11:51:07 | 000,057,344 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCI160.DLL [2011-06-06 11:50:46 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011-06-06 11:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2011-06-06 11:49:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011-06-02 20:19:10 | 000,000,000 | ---D | C] -- D:\xzcz\Nowy folder [2010-04-21 17:32:38 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-27 21:30:23 | 000,047,031 | ---- | M] () -- C:\Users\asus\Desktop\Bez tytułu.png [2011-06-27 21:24:12 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-27 21:24:12 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-27 21:16:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-06-27 21:16:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-27 21:16:12 | 2388,459,520 | -HS- | M] () -- C:\hiberfil.sys [2011-06-27 20:49:18 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempvd2372.html [2011-06-27 20:35:10 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job [2011-06-27 20:02:35 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempxP2664.html [2011-06-27 20:02:35 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempQG2664.html [2011-06-27 19:47:26 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempel2228.html [2011-06-27 19:47:26 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempiY2228.html [2011-06-27 19:41:01 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempkET264.html [2011-06-27 19:41:01 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempnpF264.html [2011-06-27 19:19:20 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TemptV2076.html [2011-06-27 19:19:20 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TemptZ2076.html [2011-06-27 18:49:30 | 000,007,613 | ---- | M] () -- C:\Users\asus\AppData\Local\Resmon.ResmonCfg [2011-06-27 18:31:35 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempVf2180.html [2011-06-27 17:59:36 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempts2316.html [2011-06-27 17:55:45 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempof2440.html [2011-06-27 17:55:45 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\Tempuc2440.html [2011-06-27 10:56:39 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempFT2120.html [2011-06-27 06:58:41 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempkM2336.html [2011-06-27 06:58:41 | 000,002,089 | ---- | M] () -- C:\Users\asus\AppData\Local\TempPf2336.html [2011-06-26 15:54:17 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat [2011-06-26 15:02:00 | 000,828,416 | ---- | M] () -- C:\Users\asus\Desktop\pfp1.jpg [2011-06-26 14:34:24 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempSiA280.html [2011-06-26 12:32:01 | 006,066,142 | ---- | M] () -- C:\Users\asus\Desktop\Zalacznik11.jpg [2011-06-26 01:27:37 | 000,002,432 | ---- | M] () -- C:\Users\asus\AppData\Local\TempZD2284.html [2011-06-25 14:48:47 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperResumePrompt_asus.job [2011-06-24 23:10:41 | 000,414,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-06-24 21:29:43 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-06-24 20:36:31 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk [2011-06-24 02:31:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011-06-13 00:54:00 | 000,014,135 | ---- | M] () -- D:\xzcz\solecki - Rechnung A4 -16.pdf [2011-06-06 11:54:36 | 000,000,416 | ---- | M] () -- C:\Windows\MAXLINK.INI [2011-06-05 22:00:54 | 005,986,000 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-05 22:00:54 | 002,474,984 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-05 22:00:54 | 001,979,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-05 22:00:54 | 001,888,854 | ---- | M] () -- C:\Windows\System32\perfc009.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-27 20:35:10 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job [2011-06-27 20:22:04 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempvd2372.html [2011-06-27 20:00:46 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempxP2664.html [2011-06-27 20:00:46 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempQG2664.html [2011-06-27 19:44:44 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempel2228.html [2011-06-27 19:44:44 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempiY2228.html [2011-06-27 19:39:23 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempkET264.html [2011-06-27 19:39:23 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempnpF264.html [2011-06-27 19:18:51 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TemptV2076.html [2011-06-27 19:18:51 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TemptZ2076.html [2011-06-27 18:22:56 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempVf2180.html [2011-06-27 17:59:28 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempts2316.html [2011-06-27 17:48:40 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempof2440.html [2011-06-27 17:48:40 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\Tempuc2440.html [2011-06-27 10:07:26 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempFT2120.html [2011-06-27 06:48:57 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempkM2336.html [2011-06-27 06:48:57 | 000,002,089 | ---- | C] () -- C:\Users\asus\AppData\Local\TempPf2336.html [2011-06-26 23:41:54 | 000,031,915 | ---- | C] () -- C:\Users\asus\Desktop\Bez tytułu.png [2011-06-26 15:54:17 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat [2011-06-26 15:02:00 | 000,828,416 | ---- | C] () -- C:\Users\asus\Desktop\pfp1.jpg [2011-06-26 12:31:44 | 006,066,142 | ---- | C] () -- C:\Users\asus\Desktop\Zalacznik11.jpg [2011-06-26 12:01:42 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempSiA280.html [2011-06-26 01:04:43 | 000,002,432 | ---- | C] () -- C:\Users\asus\AppData\Local\TempZD2284.html [2011-06-25 14:48:47 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperResumePrompt_asus.job [2011-06-24 22:09:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl [2011-06-24 21:29:43 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-06-24 21:29:43 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-06-24 20:36:31 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2011-06-24 20:36:31 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk [2011-06-24 18:52:51 | 000,007,613 | ---- | C] () -- C:\Users\asus\AppData\Local\Resmon.ResmonCfg [2011-06-13 00:54:00 | 000,014,135 | ---- | C] () -- D:\xzcz\solecki - Rechnung A4 -16.pdf [2011-06-06 11:54:36 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI [2011-02-21 13:11:59 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011-01-17 20:15:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-08 23:46:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll [2010-08-08 23:46:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll [2010-06-30 14:31:37 | 000,004,608 | ---- | C] () -- C:\Users\asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-30 14:31:18 | 000,221,184 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2010-06-30 14:31:18 | 000,059,392 | ---- | C] () -- C:\Windows\System32\espr3260.dll [2010-06-30 14:31:17 | 000,987,136 | ---- | C] () -- C:\Windows\System32\liboggvorbis-1.0.0.dll [2010-06-30 14:31:17 | 000,552,960 | ---- | C] () -- C:\Windows\System32\liboggvorbis-0.3.1.dll [2010-06-30 14:31:17 | 000,126,976 | ---- | C] () -- C:\Windows\System32\MPEGWriter.dll [2010-06-30 14:31:17 | 000,069,120 | ---- | C] () -- C:\Windows\System32\libmpv-enc-1.2.5.dll [2010-06-30 14:31:17 | 000,058,880 | ---- | C] () -- C:\Windows\System32\libmpg-mux-2.0.2.dll [2010-06-30 14:31:17 | 000,056,320 | ---- | C] () -- C:\Windows\System32\libmpv-enc-1.2.4.dll [2010-06-30 14:31:17 | 000,050,176 | ---- | C] () -- C:\Windows\System32\libmpg-mux-2.0.1.dll [2010-06-30 14:31:17 | 000,020,480 | ---- | C] () -- C:\Windows\System32\libavi-dd-1.1.1.dll [2010-06-30 14:31:17 | 000,020,480 | ---- | C] () -- C:\Windows\System32\libavi-dd-1.1.0.dll [2010-06-30 14:31:16 | 001,036,800 | ---- | C] () -- C:\Windows\System32\libmpeg-1.0.0.dll [2010-06-30 14:31:16 | 000,696,832 | ---- | C] () -- C:\Windows\System32\libmcl-2.8.0.dll [2010-06-30 14:31:16 | 000,696,320 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.2.dll [2010-06-30 14:31:16 | 000,675,840 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.1.dll [2010-06-30 14:31:16 | 000,225,792 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.7.dll [2010-06-30 14:31:16 | 000,209,920 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.4.dll [2010-06-30 14:31:16 | 000,208,896 | ---- | C] () -- C:\Windows\System32\libmpg-dec-1.0.3.dll [2010-06-30 14:31:16 | 000,128,512 | ---- | C] () -- C:\Windows\System32\libmpa-enc-1.0.3.dll [2010-06-30 14:31:16 | 000,116,224 | ---- | C] () -- C:\Windows\System32\libmpa-enc-1.0.2.dll [2010-06-30 14:31:16 | 000,069,120 | ---- | C] () -- C:\Windows\System32\libmpeg2-enc-1.2.5.dll [2010-06-30 14:31:15 | 000,669,184 | ---- | C] () -- C:\Windows\System32\libmcl-2.7.0.dll [2010-06-30 14:31:15 | 000,666,112 | ---- | C] () -- C:\Windows\System32\libmcl-2.6.1.dll [2010-06-30 14:31:15 | 000,427,008 | ---- | C] () -- C:\Windows\System32\libimg-2.2.9.dll [2010-06-30 14:31:15 | 000,400,384 | ---- | C] () -- C:\Windows\System32\libimg-2.2.8.dll [2010-06-26 10:11:04 | 000,002,045 | -H-- | C] () -- C:\Windows\System32\whlprd32a.dll [2010-06-23 23:33:18 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-06-23 15:05:58 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-06-23 11:40:17 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib [2010-06-23 11:20:55 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-06-23 11:20:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-06-23 11:20:54 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-06-23 11:20:54 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-06-23 11:20:53 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-06-23 10:49:02 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010-06-23 10:45:04 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2010-06-23 10:45:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2010-04-21 18:08:14 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010-04-21 18:08:14 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010-04-21 18:08:14 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010-04-21 17:29:46 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010-04-21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010-04-21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2009-07-14 10:07:57 | 005,986,000 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 001,979,930 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,414,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 002,474,984 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 001,888,854 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-14 00:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat < End of report >[/log] [log]GMER 1.0.15.15640 - http://www.gmer.net Rootkit scan 2011-06-28 21:15:37 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545032B9A300 rev.PB3OC60N Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\uxldrpoc.sys ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 83653569 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83678092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} PAGE peauth.sys 99E4402C 102 Bytes JMP E35FAF7B C:\Program Files\CyberLink\PowerDVD8\000.fcl entry point in "" section [0x99F01000] .clc C:\Program Files\CyberLink\PowerDVD8\000.fcl unknown last section [0x99F02000, 0x1000, 0x00000000] ? C:\Windows\system32\Drivers\PROCEXP141.SYS Nie można odnaleźć określonego pliku. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] kernel32.dll!SetUnhandledExceptionFilter 772B3162 5 Bytes JMP 6B285B49 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] ole32.dll!OleLoadFromStream 76745BF6 5 Bytes JMP 6B5A0DB5 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1924] ntdll.dll!LdrLoadDll 7739F5B5 5 Bytes JMP 010E1410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1924] USER32.dll!SetWindowLongA 76E5B1E3 5 Bytes JMP 6456D9D0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1924] USER32.dll!SetWindowLongW 76E66614 5 Bytes JMP 6456D970 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[1024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [753B5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73FF2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73FD5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73FD56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73FF250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73FE8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73FE4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73FE50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73FE51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73FE66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73FE82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73FE8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73FE907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73FEE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1480] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73FE4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000018d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind ????????{40EDA462-96F5-4643-8164-421DE11F0356}??????????????? ???????|???????????u?:????????????&????????????????????????????????c???????????????????_??????????????????*6to4mp?????????????? ????????????????????????????????????????????s4FF??Karta Microsoft 6to4 #156?????????????????????????*??????????????????????????????????s??? ????????????????????????????????????????c?????????????????????????????????\Device\{40EDA462-96F5-4643-8164-421DE11F0356}??????????????????????????????????????? ?????????????????????1????????z?????????????4??????????????????????????????????e???????????2??12???????????????e????????????????????????????????????????N?????????????????? ?????????????????????1?????????????????????????????????????????????????B???????e??????????????????????????????nettun.inf?A-F???????????}??DA?????? 3??????? ???????U?????????????,??N?????$???<???????????????????????????????????? ?????????????????????1????????????????????nettun.inf??12???????????4??14??6to4mp.ndi??15??????TA??nettun.inf:Microsoft.NTx86:6to4mp.n Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route ?????????????????????????0??0-????????N??????e????Dlne??Microsoft????????????D??A6??? ??????????????????????????????????????????????????levice\NetBT_Tcpip_{973CC8DF-BEA2-4D8F-B016-DDAC4B7CC70F}] SEQPACKET 53?????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{361D78FA-2DD8-487F-B53E-875188F2BFED}] SEQPACKET 204???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-F??? ???????}???????????t????????"??????????????????????????3?????eEA???????s??? ??????????????&????l??????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{949CD133-0598-409B-9A14-5DC932C7620C}] DATAGRAM 236????? ???????}???????????t????????"??????????????????????????????j??disk.inf????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{654D692C-4373-4B59-A108-397049395E14}] SEQPACKET 237???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{654D692C-4373-4B59-A108-397049395E Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export ?????????????????????????????????????????????z???????????B??\Device\NdisWan_{E2F8A220-AF88-446C-9A55-453E58DD3A33}?\Device\NdisWan_{DB2B4279-B5CF-4626-9DBA-32D0ECE44C87}?\Device\NdisWan_{C0DE3E38-8BA7-479F-8B75-833F294C5AA8}?\Device\NdisWan_{483C9FF8-503D-414B-B402-E4C1F1F568CB}?\Device\NdisWan_{E28D896F-9EA8-433A-9C10-66C97C19A921}?\Device\NdisWan_{636FF46E-80FE-4314-BC84-DC7749EDE5B4}??wan??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|???v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|???????????????????????{?????eDB???????????0??????????????????????????????????????????????????????????????????????????????Root\*6TO4MP\0241???*6to4mp Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ????????????????????????AC??@nettun.inf,%msft%;Microsoft?C???????????????????????????*??????????Net???????????????????????????????????????N??????\????Dt#*??\??\C:\pagefile.sys???????N????????????D??????2?????????????????*6to4mp?????? b?????? ??????????Karta Microsoft 6to4 #28?\????2??????1??????}"??? ???l???5?????s}???? ???g???}???????~???????????N?????scp????N??????A?????D89????2??????C??????80??????????????E-???????.???????i???????????????????????????F?????sF}??tunnel??????????????????t????????????????h??{4d36e972-e325-11ce-bfc1-08002be10318}\0044???????4???????????????????X??????e???t??*6to4mp???????????????????????????????????????????N????????????D????? l??????-?????E66??{4d36e972-e325-11ce-bfc1-08002be10318}??5????????d???????e??????????????????????????T ???????2??{4d36e972-e325-11ce-bfc1-08002be10318}\0031?????{4d36e972-e325-11ce-bfc1-08002be10318}\0039??&??Karta Microsoft 6to4 #56????Karta Microsoft 6to4 #82?4????????????????????????????:??????1?gE9??Net?????????????????????????Karta Microsoft 6to4 #3 Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ??????????????????????2?????????????16??*6to4mp?sy???????????2??15??Typ?????disk.inf?????????e???????e????X??????l???t??????????disk?3??????e???e???Microsoft???????????????????????????????????????????????? l??????8?????23-??Net??????????????????????m????????c?????????????????int?????????????? ???????s?????s???????;??L??????????????3???????????????????????????????y???"???e??????????????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=policyagent|Name=@FirewallAPI.dll,-30003|Desc=@FirewallAPI.dll,-30006|EmbedCtxt=@FirewallAPI.dll,-30002|????Z???????????????????????????????????????????????????????????&???????????????????????????????????????s???????????????????t????????????N??????????????????????i???????o??? ???????@????????????????????$?N?y??????????????????????????s???????????????????????????????s????N??????e????Dlne????:??????T?g?????????????????????????????????????-?????eC1????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ???????????n?&?n?&??int??????????????s?????????????a????system32\DRIVERS\ACPI.sys????????????9????????????2????????????e???????????????????????n?????????????????????????????????????????????????????????????????????????9???????????????????????????????????6????????????????X?????????????*6to4mp??????,?,?m?m?m?m?,?n?n?n?n?n?n???????n???V??00??????????ASUSX???????????????????????????Net?#?????????????????????m??????????????????????????????|???????u???t???????????????????v?v?v??? ???????n???????????n?,?????? ???????????????????????????????m???????????????????????????????N??????e????Dlne????????????????????m??n???????n????????????????????????????????????????????????????????????:??????6?gF-??????????????????????t????????????????????????k??????p?????????????????????????2?????????????????tunnel?441??????00???d????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adp94xx.sys?y???????n??????p???SCSI Miniport?????R??n???????????d??adp94xx.inf_x86_neutral_4928c8870f6a1577?????n?n?n?n?n?n??? Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ?????????????????????i??????*6to4mp??????k?k?k?k?k?k?k?l?k?l?l??@volsnap.inf,%msft%;Microsoft????????u??????????????????tunnel??????????????? ????????????????????????????????????????????s9C8??? ?? ???????????????? ???????????????????????????????????????f??? ?????????????????????1??L????????? ???????tB?????????????????f????? ?????????????????????1????????????&????????????????????t??? ?????????????????????1????????????????????? ???????????????????u?1????????z?????????????????????????????z?????? ??????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?4??? ?????????????????????1????????????&????????????????????8??? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????8??AB???????|???A??7}??????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????3??95???????????7??9}??6.1.7600.16385??mu??? ?????????????????????1????????????????????????????????????????? ?????????????????????1????????*?????????????????????????????* Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ?????9??LegacyDriver????????????????????? l??????3?????-FC??tunnel??????{4d36e972-e325-11ce-bfc1-08002be10318}\0038?? ???2???????????????????*?@?&?@?&?@?&?@?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&?A?&???&???&???&???&???&???&???&?A????????????????????????????????????????????????????????????????????????????????? ???A??????????t????????A???????????????????@??????????????? ??????????????????? ??????????????n???6.1.7600.16385????????.?????????????????storage\volumesnapshot???????A?A????????????????? @?????????????????Rodzajowa kopia w tle wolumin?w????????????????????????d?????????A???????????????????????????A?A?A?A?A?A?A?A?A?A?A?A?A??????????? ???????A????????2???????????.??????????????s???????????????????e??????????????????????????? ??????????????????? ??????????????D?????????????????n?mm??????????????????? ???????d??????eC??????????????????? ????????????????????????????????????????????????????????????????????????????l???????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ? ?????????p?????p????"??p??????p?????4??p??????????????????????????t???????????????????????Net??????????????????????r?r????? ???????o?????p?????p??????????Z?/???????????????????????????????????????????????T??p????????h?????\SystemRoot\system32\DRIVERS\BrFiltLo.sys?????Z??p?????????e????Brother USB Mass-Storage Lower Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????p???????????p??????????,??? ?????????????,??p???????????s??/GR=OFF /TO=10 /OW=30???? ???????o???????????p??????????Z?0?????????????????????t?????????????????????????????????????????T??p????????h????????p???p??????Z??p?????????e???????p?????p??????????????\SystemRoot\system32\DRIVERS\BrFiltUp.sys???Brother USB Mass-Storage Upper Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????o?????p?? ?????????????Z?1??????r??%SystemRoot%\System32\svchost.exe -k netsvcs????@%systemroot%\s Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ?????t???????????1???????????????????n???????????????????2??12??????????? ??????????tunnel??????????????????6.1.7600.16385?B01???????????}???????s??????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1??????*?0??? ???????????????????????????????d ??????~????s??????????Po??czenie lokalne* 126???????????????????????????.Po??czenie lokalne* 126??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????2Karta Microsoft 6to4 #119????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ????????????el??????????????B????????????????????????????????????????????????????|????N??????e????Dlne????????????,Po??czenie lokalne* 67???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????0Karta Microsoft 6to4 #60?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ????????????????????????????????{00000000-0000-0000-0000-000000000000}??????????????????????????????????????STORAGE\VolumeSnapshot??? ?????????D??????X??????e???????????????????????????????????????e??0???????C7??????????????????? ???????0??????? ????X?????????????11??????????????????????????????????Net?????????????????????*6to4mp????????????????????????????s?p????2?????????????????????????????????tunnel???????????l???B???????????k??{00000000-0000-0000-0000-000000000000}??????{533c5b84-ec70-11d2-9505-00c04f79deaf}\0005?????????????????????????????????? 0??????????????????????????????????????????????l???????????????????????????l?l?l?????k?l????????????????????????????????????X??????e???????????????????????????????????t????X??????????e???????????????B????X??????????????`?d?d?d?h?g?????????????? ??l???e???e??? ??????????????p???????l????X??????????????????????f?g?h?h?h?h????????????Net?????Net???????????????????????????????.?????????????6-21-2006?????????????????????????????????????????????????????,Po??czenie l Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ????????????4?????????????????????????????????m?????????????Microsoft???????????? ???????????????????{????????"??????????????????????????????e??????????? ???????????????????|????????"?????????????????int?????????????Microsoft???tunnel????????????????????????m?????6to4mp.ndi??13??????????*6to4mp?6?????????????????????m?? ???????????????e????????????????????????????????????????m???????????????????????????????????????????????????????????????0?????????????????????????????AP????????????????????m??????????????????h??????????????????????????????????????? ??????????????????6-21-2006???? ?????????????????????1????????????????????6to4mp.ndi?9EA???????????R???????????????????t??????????????????????????????????? ???????????????????????????????????????????????????y??????? ???????????????n??????????????????????????????M????1???????2????$?????????????????ROOT\*6TO4MP\0071??????????????????d?????????????????????????????'"?????? ??????????????????????????????>??????i????? ??????????????????? ?????????????????????1??????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????ce??? 4?????????????s.??????ev??{4d36e972-e325-11ce-bfc1-08002be10318}\0281?? ???????????5???????????????????????????????????????????????????e????????ml?r??????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????6.1.7600.16385??????????????????????????????? ?????????????????????1????????????????????????????? ??????????? ?????????????????????1????????????????????????????????????nettun.inf??????? ????????????????????????*???????????dms_??? ???????p??????n6???????????????????????????????*??????\0??? ???????U?????????????,??N?????$???<?????????????????????????????????????????????????????*?????????????????TCPIP6TUNNEL?Tcpip6??2??\Device\{FD38421D-67DB-4E97-801C-CC9489F5609F}??????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EAE74DAE-5334-4D3B-B1DB-20EC91FE3AC7}] DATAGRAM 193?????????????T??????????6.1.7600.16385??????????os??t???? ??????????????????? ????????????????????????"?????l???????????27??tunnel???n??? ??????? ????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????????????????????????????????????????????????????????????e??? ???????|???????????l?:????????????&????????????????????-??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{0343E755-E2F9-4AD2-A123-40EAFBFF1A9A}] SEQPACKET 150????????????z???????z???????????v???t??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F98FAF83-180E-4968-AC6E-A2873C542AF6}] SEQPACKET 144???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F98FAF83-180E-4968-AC6E-A2873C542AF6}] DATAGRAM 144????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8156C9CA-275C-4141-95F0-982DE44B1803}] SEQPACKET 145???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8156C9CA-275C-4141-95F0-982DE44B1803}] DATAGRAM 145??????N??????o?????DAT??????????????????????CF??int??????????????????????????????????????????????????????y?????????es ??Po??czenie lokalne* 157?????????????????? ????????????????????????????"?????????????????????????????????????????????????? ????????????????????????????"?????????????6-??????????????????????? ????????????????????????????"?????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600. Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ????Mi??? ???????????????????z????????"?????????????????????????????????s???? ???????????????????z????????"??????????????l??tunnel????????????????R??????????????????????????????????????????????????t???????????l??????? ??????????????????????????????????????????? ?????????????????????1??L????????? ???????68??????????????????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????z?????????????z?????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp????????????? ?????????????????????1????????????&????????????????????}??????????????????tunnel???????????????????????????????9??????20??????????????????????????? ????????????????????????"?????l?N?????????? ????????????????????????"?????l?M?????DA??*6to4mp?????? ????????????????????????????????????????????sF84??? ??M???????????x???25??? ??????????????????????????????????????????????????? ??L???????????x???? ???????????????????????????????????????f??? ????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ????????????????????????Karta Microsoft 6to4?????????????A?????e7F??????????? ???????????????????????????B????????????????????????????????????????????????z???????????????????????N?????????????????????46???????????t??????????????????tunnel?inf??????????????????????????????????? ?????????????????????1????????????????????????6.1.7600.16385??????????????????????????????????????Typ?????Typ??????????????i??????????????????? ?????????????????????1????????????&???????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?p??? ?????????????????????1????????????&????????????????????a??? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? l??????_?????l?????????????T??????????ce??? 4?????????????s.??????ev??{4d36e972-e325-11ce-bfc1-08002be10318}\0281?? ???????????5???????????????????????????????????????????????????e????????ml?r??????????????????????? ?????????????????????1??? Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ??????????????????????????,Po??czenie lokalne* 39???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????0Karta Microsoft 6to4 #32?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ????????????????????????????????????????????? ???????@????????????????????$?N?????????????????????????????????N??????????????????????????A??????????? ???????c?????\De??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{557F5451-E2CD-4EDA-B938-40EF67F793A2}] DATAGRAM 114?????????????T????????m?Tc????????????????????????????????????????0??????4??-7??? ???????U?????????????,????????$?w?<???????????????????????????????08??? ???????U?????????????,????????$???<???????????????????????????????.i??????????????dw????????????????????????????????????????????z?????????????Typ?????????????? ???????Z?????????????1??????????X?&???????????????????????? ???????????????????z?1??????*?0??? ???????6-??????????????????????????????????????? ????????????????????????????"???????????????????X??????????t??? ???????U?????????????,??N?????$?v?<???????????????????????????????69???????????4??????????dw?????????????????e??????????????.Po??czenie lokalne* 116????????????????????????????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route ?????????????????????h??? ???????}???????????l????????"???t?????????8????????????3??CF??int?-4???????????C???e??tunnel??sy????>??????E??????Sterownik karty Microsoft 6to4?-9F??? ??????????????????????????????"??? ??????.pl??????? ????????????????????????"?????l?b?????ot??{4d36e972-e325-11ce-bfc1-08002be10318}?pSv??? ???????D?????Fir??? ????????????????????????????$?N?p?????????{4d36e972-e325-11ce-bfc1-08002be10318}\0112??"??????????? ????????????N?????????????????{D4D8ACF8-B9DD-4D9E-8AC4-B48A11492531}??????????????????????????tunnel?1-C??????????????????????? ?????????????????????1?????????????????????????????3??FC??*6to4mp?????? ???????1?????????????,??N?????$?b?<???????????????????????????????02??? ?????????????????????,????????????'????????????????????}????????????$??????\???????N??Root\*6TO4MP\0096????????????????4??????CA??\\?\Root#*6TO4MP#0096#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{FF114274-64F6-42A4-B152-A637E42781E8}?BT??????? ???????:?????????????:????????????&????????????????????N??? ???????_????? Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ????8???*6to4mp?4F??? ???????????????????|????????"??????????????????????????????????????????????????"??????????????????????? ???????????????????|????????"?????????????????????????6-21-2006???????3?????????????????????m?????????????????????????????????? ???????????????????|????????"?????????????????????*6to4mp???????0??????????t??????????????F}??????? ????????????????????????"?????l???????15??? ????????????????????????"?????l???????,%??????5C??????????????????????????????? ???????????????????|????????"?????????????????*6to4mp?FF???????????????????????t??????*6to4mp?????*6to4mp?????*6to4mp?18??*6to4mp??y??*6to4mp?A2????`?????????????????????????????????text????????????Microsoft???tunnel?4BE???????????????????l???e??????????????nettun.inf??????????????????????????????????????????AT??? ????????????????????????????????????????????sF}?????.??????f??s???text????????????????????levice\NetBT_Tcpip_{973CC8DF-BEA2-4D8F-B016-DDAC4B7CC70F}] SEQPACKET 53???????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind ???.?U??? ???????.?????7?????:????"???&??????????????1??? ???.???.???????e???.???.???????.??PCI\VEN_8086&DEV_2A42&REV_09?PCI\VEN_8086&DEV_2A42?PCI\VEN_8086&CC_030000?PCI\VEN_8086&CC_0300?PCI\VEN_8086?PCI\CC_030000?PCI\CC_0300????.????N??.?????????DSR???????????.???????/???????'???9?????????????e6.??msv1_0??????2??????????????????.?/???.??? ???????.?????:???????1???????????????????????.?????6?8???????9?&?:?&?????.?0???.??PCI\VEN_8086&DEV_2A43&SUBSYS_18621043&REV_09?PCI\VEN_8086&DEV_2A43&SUBSYS_18621043?PCI\VEN_8086&DEV_2A43&CC_038000?PCI\VEN_8086&DEV_2A43&CC_0380????? ???.???i???????.?????.??????"??.????????????????????????z??/???????????????????????????????????/??? ???????8?????.???????1????????????&????????????????????u?????:???.???8???:?????.??PCI\VEN_8086&DEV_2A43&REV_09?PCI\VEN_8086&DEV_2A43?PCI\VEN_8086&CC_038000?PCI\VEN_8086&CC_0380?PCI\VEN_8086?PCI\CC_038000?PCI\CC_0380????.???9?9?????:?:?:??????? ???8???.?????.?/???????????????????????????????????T???????????????????.??????e????V??? ???????.????????? Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route ???.?/???.??? ???????.?????:???????1???????????????????????.?????6?8???????9?&?:?&?????.?0???.??PCI\VEN_8086&DEV_2A43&SUBSYS_18621043&REV_09?PCI\VEN_8086&DEV_2A43&SUBSYS_18621043?PCI\VEN_8086&DEV_2A43&CC_038000?PCI\VEN_8086&DEV_2A43&CC_0380????? ???.???i???????.?????.??????"??.????????????????????????z??/???????????????????????????????????/??? ???????8?????.???????1????????????&????????????????????u?????:???.???8???:?????.??PCI\VEN_8086&DEV_2A43&REV_09?PCI\VEN_8086&DEV_2A43?PCI\VEN_8086&CC_038000?PCI\VEN_8086&CC_0380?PCI\VEN_8086?PCI\CC_038000?PCI\CC_0380????.???9?9?????:?:?:??????? ???8???.?????.?/???????????????????????????????????T???????????????????.??????e????V??? ???????.???????????.????????"??????????f?????9???.???8?????????????.???.???e???.??PCI\VEN_8086&DEV_2937&SUBSYS_18671043&REV_03?PCI\VEN_8086&DEV_2937&SUBSYS_18671043?PCI\VEN_8086&DEV_2937&CC_0C0300?PCI\VEN_8086&DEV_2937&CC_0C03????? ???.???r???????.??usbuhci??/???????????????????????????????????.?????????????)?????????.???????;??? ???????.????? Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export ???/?/???????.???9???????????????/???????P?????? <??????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????,??? ???????8???????????????[???????????????g?g?f???????????????????????????s???/???????????????U?????7???????0???0???0????????? ???/?????????????????4?????4?4?/??????????????????????????PCIIDE\IDEChannel\4&13d37a7d&0&0??????&??/???????????i???/??????????????????????0???????????????cdrom????????????9??????????CDROM???Mobile Intel(R) 4 Series Express Chipset Family?Chipset Family (Microsoft Corporation ? WDDM 1.1)????????.??????4???? ???/???-??????????????????disk?3???????????9????????a48D???/?????????????????????????????????????? ????f??????#{??Mouse???? ???????-?????/????????????????????(????????????????????????"???????????????????????????????????????????????????????????????????????????????????????????????/???????/??? ??????Net??????????[??????????????? ???????9??????e???athr???????? ?????????e? ???Posix?? ? ??256?????Debug?W Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???o???????? ??????????s?4????\??t?????????e?????????k???????????????????????????????????????????????????k??? ???????g?k?k?k??????????X??t?????????e?????k?}?|??????????????????????s????????????D???E????P??t?????????e?????k???k??{00000000-0000-0000-0000-000000000000}?????????????????????????????????????s?&?????????????????s?????k?k?k?k????s???{8ECC055D-047F-11D1-A537-0000F8753ED1}?ft?????????????????????????????:??????c?gxe??? ???????k?????k?????k???????????????????????9???????????9???????9??? ???????k???????????k??????????N???????.1??????????????s????????k???4???e??WfpLwf?4?4???t?}?|??{71a27cdd-812a-11d0-bec7-08002be2092f}?????????? ????m?????s?????????k??????????WudfPf???????????k???????e??fltmgr?????????????????????????????????????sN???????????????????vwififlt?I????N??u?????????e??????N??v?????????e?????}?|?|??USB?????? ??k???????????????????????????????????k?k?k?k?????.??KL1??????k???k???k???k???????????????.???????????o???s??? ???????k?????k?????k?????????????? ???????????????????????????????? ???????k? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???s?s???????U???8??s????????i??@usbport.inf,%pci\ven_8086&dev_2935.devicedesc%;Uniwersalny kontroler hosta USB Intel(R) ICH9 Family - 2935???????>??????/?g?/??? ????????????????????2?????????????16???????????s?s?t???i??????????????????????????????????????? ??ri???i?ier???????????????????????i???????????i?i (???????????l??r???? ???????i?????i???????1????????????&??????????????????????????i????tunnel??????? ???????i?????i???????1????????????????????????????? ???????i???????????i?1????????????????????usbport.inf:Intel.Section.NTx86:EHCI.Dev:6.1.7600.16385:pci\ven_8086&dev_293c????????i???????????i?i&d?????????????????????i????? ???????i?????i???????1?????????????????????i?i????????? ???????i???????????i?1?????????????????????????i???:???????????????????????????&?????i????? ???????i?????i???????1???????????????????????i???i???i????????? ???????i???????????i?1?????????????????????????i???3??1}???????:???i?i?????i?i???????i????? ???????i ????i???????1????????????&????????????????????:??? ???????i?????i???????1??? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ?????????????v???s???????????????`???????????????t??Root\*6TO4MP\0064????????????F??????1}??? ???????s?????s???????????????????? ?????? ???????s????? ???????s???????????????????????????????????????s?s?s??? ???????s????????????????????r?p??? ?????????????l??s?????????????????????????????X???(??????P????????????(??????P???????????????l??s?????????????????????????????X???(??????P????????????(??????P???????????????l??s??????????????/??????????????X???(??????P????????????(??????P??????????????'0??s???,???????????????????/???????????????????????????;????:??s????????h???????D??s???9?????????????????????????0???(??????P???????????????D??????c????????????/e10???????????????????????s???????s????????????H??s?????????????????????????4?????????? ???????????????????H??s???????????/?????????????4?????????? ???????????????????0??s?????????????????s???s???????s?????????????????????????????????9p??s????????????????????????????????/????????????????\???(??????P??????????????????? ?????????????????LocalSystem?????? ???????s????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???s?s??????????? ???????s????????????????????,?B??? ???????????? B??s??????????????%SystemRoot%\System32\ikeext.dll?????????????????????????????????s?????????n????IkeServiceMain??????? ???????s?????s???????????????????????????o???????s???s????? ???????s???????????s??????????\?????0????????????????????????s0????????s????????????????????????\??s??????0???500?UDP?%windir%\system32\svchost.exe?IKEEXT?????s?s?s?s?s????????????????0?????? ???????o?????s????????????????????????????? ???????s?????????????????????????? ??????????????s????? ???????o???????????s??????????T???????????????????????t????????????????????s?s?s????????????????????????T??s????????h???????(??s??????p????s?s?s?s?s?s???????s???s????\SystemRoot\system32\DRIVERS\intelide.sys???System Bus Extender???????N??s???????????d??mshdc.inf_x86_neutral_f64b9c35a3a5be81??????????? ???????o??????????????????????J???????????system32\DRIVERS\intelppm.sys?ntelppm.sys??????????????????e????????????System32\DRIVERS\netbt.sys??????????????????t????????v??????e2????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???s????Net??z??? ???????s???????????s????????,????? ???????????????????????????????????????d???????????????e????????s??????????????????KeyboardClass??????????????????????????????????????????????????????s????? ???????o?????s????????????????T???????????????????????t?????????????????????????????????????????P??s????????h?????\SystemRoot\system32\DRIVERS\kbdhid.sys??????? t?????t????(??s?????????e????Keyboard HID Driver??????????s??????p???Keyboard Port???LocalSystem?????? ?t????Net???????T??s???????????d??hidirkbd.inf_x86_neutral_b7b6ffb126da2654??????????????g?????t??? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s????????????????????????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ? ?t????Net???????T??s???????????d??hidirkbd.inf_x86_neutral_b7b6ffb126da2654??????????????g?????t??? ?????????????????????? ????????????t??????????????? ???????s???????????s?????????????? ???????????? ???????o?????t?????t??????????@?????????????"??t?????????e????@keyiso.dll,-100??????@??t????????h?????%SystemRoot%\system32\lsass.exe???????"??t?????????n????@keyiso.dll,-101????? ???s??????????????????????????????????????????????t????????t???????????????t???????????e??RpcSs????????t?t?t?t?t?t?s?t????? ???????t???????????s??????????????????????????????0????????????????????????????????????? ????????????????????????????????????????????????????????????t????? ???????o???????????s??????????8????????????????s???0???2???t?????????????g ???????????????t????????????????5!??????t?t?t?????????????????t?????????s????????????????????????????????:??????????????????T??????s???Net?????Typ?????????????????? ???????o??????????????????????:????????g??????????????????????????tunnel?c36???????v????`??t?????????e??????????????????? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???k?????????????l??Net?????LegacyDriver????*6to4mp?? ??????47???????l???D??25????(??l???7??F9??????????????????????????? \??????4??????????mrxsmb???????????&?????????????????s???????????????????s?????????i??????p????l???????????????k???B???\???k??? ???????k?????k?????l????????????E??????????????????????????????4??? ???????k???????????k??????????\???????s????k?k?k?k?k?k?k????X????????????????k?&???????l??????????????????? ???????k?????k?????k????????????$??????????R???????k???.??s6???l??? ???????k???????????k??????????b???????????LegacyDriver?????k??tunnel?A80???l?????k?&?????????????????s????????????? ?????s?????????l??????s?????????????????????X??|?????????e?????l??????????*6to4mp??3???????????????????????????n??VNUSB???LegacyDriver? ?????????????????????????s????ROOT\VOLMGR???????V??z?????????e?????l??? ???????k?????k?????k????????????&? ???????B????????????,???????/??? ???????k???????????k??????????P????????????????????k?k?k?k?l?l?k???k?????????????k?&????N??????????????????k?k?l?k?k????????????????????? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ???p??????n????????????e????system32\drivers\csc.sys?????????p???????s?????s?s???r?rp???Video Init????????????????$??p??????????????Global\MMF_BITS_s????o?o?p?p?p?p?p?p?p?p?p?pPe???????|??????????????????????????????????????????Net??????????????p???????p??????????????????????t???? ??????????????r????????????????????????? ??o?????????t????? ????????????????????????????????p??????r?r?p??? ???????p???????????p??????????????????????????????4?? ?????????? ????\???????????????????? ??????????????????????????? ??????? ????????p?????o???o???p????????? ???????o???????????p??????????T?-?????????Application??????p??System Bus Extender??????l?l??????????????????????????????>??p?????????e????????????????????????????????????t???????????????????????????f}??????????? ???????r?rf???? ???????o??????????????????????P?.???????????Z??p?????????n??????b??p?????????e????*6to4mp?????????????????t?????????????0??s??????p???@%SystemRoot%\system32\clfs.sys,-101???????p?????????@???????????p???????????q?q?q??????????????? ?????????p??? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ???s?s???r?rp???Video Init????????????????$??p??????????????Global\MMF_BITS_s????o?o?p?p?p?p?p?p?p?p?p?pPe???????|??????????????????????????????????????????Net??????????????p???????p??????????????????????t???? ??????????????r????????????????????????? ??o?????????t????? ????????????????????????????????p??????r?r?p??? ???????p???????????p??????????????????????????????4?? ?????????? ????\???????????????????? ??????????????????????????? ??????? ????????p?????o???o???p????????? ???????o???????????p??????????T?-?????????Application??????p??System Bus Extender??????l?l??????????????????????????????>??p?????????e????????????????????????????????????t???????????????????????????f}??????????? ???????r?rf???? ???????o??????????????????????P?.???????????Z??p?????????n??????b??p?????????e????*6to4mp?????????????????t?????????????0??s??????p???@%SystemRoot%\system32\clfs.sys,-101???????p?????????@???????????p???????????q?q?q??????????????? ?????????p?????p????"??p??????p?????4??p??????????????????????????t?????????????????? Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???n?????????????????????????????????????????????????????????????????????????9???????????????????????????????????6????????????????X?????????????*6to4mp??????,?,?m?m?m?m?,?n?n?n?n?n?n???????n???V??00??????????ASUSX???????????????????????????Net?#?????????????????????m??????????????????????????????|???????u???t???????????????????v?v?v??? ???????n???????????n?,?????? ???????????????????????????????m???????????????????????????????N??????e????Dlne????????????????????m??n???????n????????????????????????????????????????????????????????????:??????6?gF-??????????????????????t????????????????????????k??????p?????????????????????????2?????????????????tunnel?441??????00???d????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adp94xx.sys?y???????n??????p???SCSI Miniport?????R??n???????????d??adp94xx.inf_x86_neutral_4928c8870f6a1577?????n?n?n?n?n?n????????????????t?????????????????????????????????????????R??n????????h?????\SystemRoot\system32\DRIVERS\adpahci.sys?y???????n??????p???SCSI Mi Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ???p?p???k?k?????????????????????????????k?l?p?p?????k?l?l?s?s?o?l???????p?????????e??????????????????????????????????????????????????????????????@FirewallAPI.dll,-23521???????@FirewallAPI.dll,-23522???????MPSSVC?????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P???????????????????????????bitsctrs.ini????Event Log????&???????????????????????????????&???????????????????????????????&??????????????????????????????system32\DRIVERS\bowser.sys?????@%systemroot%\system32\browser.dll,-103?????ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)??????cdrom.inf_x86_neutral_db87d184bc84f910??????@%SystemRoot%\system32\clfs.sys,-100??????J??p?????????n?????????????????????????????p???p??ei??????????????????????? ???????o???????????o????????L??????????????&???p?????????????????????????????????????????????????????????????????#????????????????????@FirewallAPI.dll,-23501??????????????????????????&? Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ???t?t???????????????t?????????e??????Z??t????????h??????????{??????os???? ??t??????p??????? ????????????????t???????????e??SamSS?Srv?????????,??????????????????????????????????????????t??????????????????SeChangeNotifyPrivilege?SeImpersonatePrivilege?SeAuditPrivilege?SeLoadDriverPrivilege????????t?t?t?t?t?t?t?t?t?t?t??????????? ???????u???????????t?????????????? ?????????????????????????y?????? ???????o?????t?????t??????????R???????????????????????t??????????????????????t??????????????????????????P??t????????h?????\SystemRoot\system32\DRIVERS\parvdm.sys?????RpcSs????????????t??????p???Extended Base????????t???????????e??Parport??&???????????,???,??? *??t??????????p???Parallel arbitrator???????R??t???????????d??msports.inf_x86_neutral_c1a802e06677f73f?????t?t?t?t?t?t?t?t????? ???????t?????????????????????????? ???????????? ???????o?????u?????u????????$???????????????J??t?????????e????@%SystemRoot%\system32\pcasvc.dll,-1?????????????????????????????t????????h?????%systemroot%\system32\svchost.exe -k LocalSyste Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???j?t???j??????????????? ???????j?????j???????1????????????&???????????????????????? ???????j?????????????1???????????????????????j????? ???????j?????????????1????????????????????? ???????j?????????????1?????????????????????????????????????j??? ???????j?????????????1????????????????????? ???????j?????????????1?????????????????????????j???e??2-?????????????j????? ???????j?????????????1????????????????????? ???????j?????????????1????????????????????? ???????j?????????????1???????????????????????j???j???j???j???j???j???j???j???????????????????j?????????j??????????atapi_Inst???????????????????????j?j????????? ???????j?????j???????1????????????&????????????????????u??? ???????j?????j???????1????????????????????? ???????j???????????j?1????????????????????@system32\DRIVERS\pci.sys,#3075;Universal Serial Bus (USB) Controller?egowej (USB)??~???? ???????j?????j???????1????????????&????????????????????????????????F?????sA5??? ???????j?????j???????1????????????????????? ???????j???????????j?1?????????????????????????j? Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???p?????????@???????????p???????????q?q?q??????????????? ?????????p?????p????"??p??????p?????4??p??????????????????????????t???????????????????????Net??????????????????????r?r????? ???????o?????p?????p??????????Z?/???????????????????????????????????????????????T??p????????h?????\SystemRoot\system32\DRIVERS\BrFiltLo.sys?????Z??p?????????e????Brother USB Mass-Storage Lower Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????p???????????p??????????,??? ?????????????,??p???????????s??/GR=OFF /TO=10 /OW=30???? ???????o???????????p??????????Z?0?????????????????????t?????????????????????????????????????????T??p????????h????????p???p??????Z??p?????????e???????p?????p??????????????\SystemRoot\system32\DRIVERS\BrFiltUp.sys???Brother USB Mass-Storage Upper Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????o?????p?? ?????????????Z?1??????r??%System Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???t?????????s????????????????????????????????:??????????????????T??????s???Net?????Typ?????????????????? ???????o??????????????????????:????????g??????????????????????????tunnel?c36???????v????`??t?????????e????????????????????????????????????????????g?????\??t?????????n?????????????d?????????V2A????N??v?????????n????t???6-21-2006???? ???????o?????t?????t????????@?????????m?????$??t?????????e????@comres.dll,-2946????????t????????h?????%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation?????$??t?????????n????@comres.dll,-2947???? 8??t??????????????NT AUTHORITY\NetworkService??????????????????????????????????????????????t?????????????? ????????????????t???????????e??RPCSS?SamSS???????,??t????????????????????????????????????2??t??????????????????SeChangeNotifyPrivilege?????? F??t???????????????t??? ???????????????????????????????????????????????????t?t?t?t?t?t?t?t?t?t?t?t????? ???????t???????????t????????,?F??? ???????????%systemroot%\system32\msdtckrm.dll????????"??t?????????n????KtmRmServic Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind ???m?v????N???????????????????~??m??? ????????r??????5?g?5???{?{?????????????????????m?m?3???????????????3???????m???2??????Microsoft????m?mme???????????????????????????3???????m?m????? ??????????????x???x???? ???????l?????l???????1?????????????????????m???????????????????????????3???????m???a??in??msmouse.inf??????m?m?m??MSDMine?????? ???????m???????????l????????????????????????s?????? ???????m???????????????????????????????f??? ???????m?????m???????1??L????????? ??????????????m???m???m????????? ???????m?????m???????1????????????&???????????????????????? ???????m?????m???????1????????????????????? ???????m???????????l?1?????????????????????????????3???3???????????C??ss???m?m???????m????? ???????m?????m???????1???????????????????????m???m????? ???????m???????????l?1?????????????????????????????????????????l???????????l?m???????m????? ???????m?????m???????1????????????&??????????????????????????m???m????? ???????m?????m???????1????????????????????? ???????m???????????l?1????????????????????? ???????m????????? Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route ???m?v???????????v?????m????? ???????m?????m???????1????????????????????6.1.7600.16385?3?????m?m????????? ???????m???????????m?1?????????????????????????????????e???????m???????3?????????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1?????????????????????????????6????????8??p????????h??????????m???m?m?m?????????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1???????????????????????????????????s?????????????n?????s????tunnel?C18?????m????? ???????m?????m???????1???????????????????????m???m???m???m???m???m???m???m???m????????????? ???????m???????????m?1?????????????????????m?m???????m????? ???????m?????m???????1????????????????????? ???????m???????????m?1??????????????????????X??????&???&???????m??????e??????????????????????????????m????? ???????k?????m??????????????????^??????U??? ???????m?????m?????m????"?????????????????@umbus.inf,%umbusroot.devicedesc%;Modu? wyliczaj?cy magistrali g??wnej UMBus? ???m?mem??nd?????m?&????N??n??? ?????D?4??6&204e05bc&0?7??STO Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export ???j?t???????.??????????{36fc9e60-c465-11cf-8056-444553540000}?.?.??ATA Channel 0????????j?????????????????s??????????????????????:??k?????g??????\??t?????????e?????????????j???????z?z?z??{4d36e972-e325-11ce-bfc1-08002be10318}?rot??? ???e???0????????????:??????0?g-B???????????????k?????????????????????????j????@usbport.inf,%pci\ven_8086&dev_2939.devicedesc%;Uniwersalny kontroler hosta USB Intel(R) ICH9 Family - 2939??????????/??????s???? ???????j?????j?????j????(???$????????????????????????????????????????4?????????j??????????????\??\PCI#VEN_8086&DEV_2939&SUBSYS_18671043&REV_03#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}??????j?jon??????????? ???????j?????j???????-??4????????????????????? ??????j????? ???????j?????????????-?????????????????????y?????j????? ???????j???????????j????????"??????????f???????j ???????????r???????????Z????????????????? ??????????????? ? ?????????????????????????????????????????????? 4??j?????????????????????????????? ????????????j?j????????-0???j??? ???????j?????j??????? Reg HKLM\SOFTWARE\Classes\.aglib@ AdobeLightroom.Aglib Reg HKLM\SOFTWARE\Classes\.aglib\AdobeLightroom.Aglib Reg HKLM\SOFTWARE\Classes\.aglib\AdobeLightroom.Aglib\ShellNew Reg HKLM\SOFTWARE\Classes\.agmodule@ AdobeLightroom.agmodule Reg HKLM\SOFTWARE\Classes\.agmodule\AdobeLightroom.agmodule Reg HKLM\SOFTWARE\Classes\.agmodule\AdobeLightroom.agmodule\ShellNew Reg HKLM\SOFTWARE\Classes\.agtoolkit@ AdobeLightroom.agtoolkit Reg HKLM\SOFTWARE\Classes\.agtoolkit\AdobeLightroom.agtoolkit Reg HKLM\SOFTWARE\Classes\.agtoolkit\AdobeLightroom.agtoolkit\ShellNew Reg HKLM\SOFTWARE\Classes\.lrcat@ AdobeLightroom.lrcat Reg HKLM\SOFTWARE\Classes\.lrcat\AdobeLightroom.lrcat Reg HKLM\SOFTWARE\Classes\.lrcat\AdobeLightroom.lrcat\ShellNew Reg HKLM\SOFTWARE\Classes\.lrdb@ AdobeLightroom.lrdb Reg HKLM\SOFTWARE\Classes\.lrdb\AdobeLightroom.lrdb Reg HKLM\SOFTWARE\Classes\.lrdb\AdobeLightroom.lrdb\ShellNew Reg HKLM\SOFTWARE\Classes\.lrmodule@ AdobeLightroom.lrmodule Reg HKLM\SOFTWARE\Classes\.lrmodule\AdobeLightroom.lrmodule Reg HKLM\SOFTWARE\Classes\.lrmodule\AdobeLightroom.lrmodule\ShellNew Reg HKLM\SOFTWARE\Classes\.lrtemplate@ AdobeLightroom.lrtemplate Reg HKLM\SOFTWARE\Classes\.lrtemplate\AdobeLightroom.lrtemplate Reg HKLM\SOFTWARE\Classes\.lrtemplate\AdobeLightroom.lrtemplate\ShellNew Reg HKLM\SOFTWARE\Classes\.lrtoolkit@ AdobeLightroom.lrtoolkit Reg HKLM\SOFTWARE\Classes\.lrtoolkit\AdobeLightroom.lrtoolkit Reg HKLM\SOFTWARE\Classes\.lrtoolkit\AdobeLightroom.lrtoolkit\ShellNew Reg HKLM\SOFTWARE\Classes\.lrweb@ AdobeLightroom.lrweb Reg HKLM\SOFTWARE\Classes\.lrweb\AdobeLightroom.lrweb Reg HKLM\SOFTWARE\Classes\.lrweb\AdobeLightroom.lrweb\ShellNew Reg HKLM\SOFTWARE\Classes\.opd\shell Reg HKLM\SOFTWARE\Classes\.opd\shell@ Open Reg HKLM\SOFTWARE\Classes\.opd\shell\Open Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command@ "C:\Program Files\ScanSoft\OmniPageSE4.0\OmniPage.exe" "%1" Reg HKLM\SOFTWARE\Classes\.opd\shell\Open\command@command _z0CgvzR!AjZTLSR74XROmniPageSE>71eXRjo`j=y^f6(a,Pqx "%1"? Reg HKLM\SOFTWARE\Classes\.opd\ShellNew Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2@ FieldListCtrl.2 Object Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CLSID Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CLSID@ {444D2D27-02E8-486B-9018-3644958EF8A9} Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CurVer Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2\CurVer@ ACCWIZ.FieldListCtrl.2.8 Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8@ FieldListCtrl.2 Object Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8\CLSID Reg HKLM\SOFTWARE\Classes\ACCWIZ.FieldListCtrl.2.8\CLSID@ {444D2D27-02E8-486B-9018-3644958EF8A9} Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2@ ImexGridCtrl.2 Object Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CLSID Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CLSID@ {7466A304-ABF5-4998-88AE-F78D6F134E00} Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CurVer Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2\CurVer@ ACCWIZ.ImexGridCtrl.2.8 Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8@ ImexGridCtrl.2 Object Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8\CLSID Reg HKLM\SOFTWARE\Classes\ACCWIZ.ImexGridCtrl.2.8\CLSID@ {7466A304-ABF5-4998-88AE-F78D6F134E00} Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom@DefaultIcon C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\Lightroom.exe Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell@ open Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open@ &Open Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open\command Reg HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom\shell\open\command@ C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\Lightroom.exe "%L" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open@ &Open in Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.Aglib\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open@ Install with Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agmodule\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open@ Install with Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.agtoolkit\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open@ &Open in Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrcat\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open@ &Open in Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrdb\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open@ Install with Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrmodule\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open@ Install with Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrtoolkit\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open@ Install with Lightroom Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command@ "C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe" "%1" Reg HKLM\SOFTWARE\Classes\AdobeLightroom.lrweb\shell\Open\command@command wWf!^*9J@?1oKC^WNv4{LightroomBase>&1{`^Yp`w=]Oi7$9aujH "%1"? Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent@ InstallShield Update Service Agent Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent\CLSID Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent\CLSID@ {E9880553-B8A7-4960-A668-95C68BED571E} Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1@ InstallShield Update Service Agent Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1\CLSID Reg HKLM\SOFTWARE\Classes\BOWebAgent.WebAgent.1\CLSID@ {E9880553-B8A7-4960-A668-95C68BED571E} Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute@ Attribute Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CLSID@ {54BA1E8F-818D-407F-949D-BAE1692C5C18} Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute\CurVer@ CAPICOM.Attribute.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1@ Attribute Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Attribute.1\CLSID@ {54BA1E8F-818D-407F-949D-BAE1692C5C18} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate@ Certificate Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate\CurVer@ CAPICOM.Certificate.2 Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1@ Certificate Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.1\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2@ Certificate Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificate.2\CLSID@ {E38FD381-6404-4041-B5E9-B2739258941F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates@ Certificates Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates\CurVer@ CAPICOM.Certificates.2 Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1@ Certificates Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.1\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338} Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2@ Certificates Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Certificates.2\CLSID@ {FBAB033B-CDD0-4C5E-81AB-AEA575CD1338} Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain@ Chain Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62} Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain\CurVer@ CAPICOM.Chain.2 Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1@ Chain Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.1\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62} Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2@ Chain Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Chain.2\CLSID@ {65104D73-BA60-4160-A95A-4B4782E7AA62} Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData@ EncryptedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CLSID@ {A440BD76-CFE1-4D46-AB1F-15F238437A3D} Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData\CurVer@ CAPICOM.EncryptedData.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1@ EncryptedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.EncryptedData.1\CLSID@ {A440BD76-CFE1-4D46-AB1F-15F238437A3D} Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData@ EnvelopedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CLSID@ {F3A12E08-EDE9-4160-8B51-334D982A9AD0} Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData\CurVer@ CAPICOM.EnvelopedData.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1@ EnvelopedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.EnvelopedData.1\CLSID@ {F3A12E08-EDE9-4160-8B51-334D982A9AD0} Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty@ ExtendedProperty Class Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CLSID@ {9E7EA907-5810-4FCA-B817-CD0BBA8496FC} Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty\CurVer@ CAPICOM.ExtendedProperty.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1@ ExtendedProperty Class Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.ExtendedProperty.1\CLSID@ {9E7EA907-5810-4FCA-B817-CD0BBA8496FC} Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData@ HashedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CLSID@ {CE32ABF6-475D-41F6-BF82-D27F03E3D38B} Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData\CurVer@ CAPICOM.HashedData.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1@ HashedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.HashedData.1\CLSID@ {CE32ABF6-475D-41F6-BF82-D27F03E3D38B} Reg HKLM\SOFTWARE\Classes\CAPICOM.OID@ OID Class Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CLSID@ {7BF3AC5C-CC84-429A-ACA5-74D916AD6B8C} Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.OID\CurVer@ CAPICOM.OID.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1@ OID Class Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.OID.1\CLSID@ {7BF3AC5C-CC84-429A-ACA5-74D916AD6B8C} Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey@ PrivateKey Class Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CLSID@ {03ACC284-B757-4B8F-9951-86E600D2CD06} Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey\CurVer@ CAPICOM.PrivateKey.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1@ PrivateKey Class Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.PrivateKey.1\CLSID@ {03ACC284-B757-4B8F-9951-86E600D2CD06} Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings@ Settings Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CLSID@ {A996E48C-D3DC-4244-89F7-AFA33EC60679} Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings\CurVer@ CAPICOM.Settings.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1@ Settings Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Settings.1\CLSID@ {A996E48C-D3DC-4244-89F7-AFA33EC60679} Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode@ SignedCode Class Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CLSID@ {8C3E4934-9FA4-4693-9253-A29A05F99186} Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode\CurVer@ CAPICOM.SignedCode.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1@ SignedCode Class Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedCode.1\CLSID@ {8C3E4934-9FA4-4693-9253-A29A05F99186} Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData@ SignedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CLSID@ {94AFFFCC-6C05-4814-B123-A941105AA77F} Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData\CurVer@ CAPICOM.SignedData.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1@ SignedData Class Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.SignedData.1\CLSID@ {94AFFFCC-6C05-4814-B123-A941105AA77F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer@ Signer Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C} Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer\CurVer@ CAPICOM.Signer.2 Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1@ Signer Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.1\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C} Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2@ Signer Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Signer.2\CLSID@ {60A9863A-11FD-4080-850E-A8E184FC3A3C} Reg HKLM\SOFTWARE\Classes\CAPICOM.Store@ Store Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Store\CurVer@ CAPICOM.Store.2 Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1@ Store Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.1\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2@ Store Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Store.2\CLSID@ {78E61E52-0E57-4456-A2F2-517492BCBF8F} Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities@ Utilities Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CLSID@ {22A85CE1-F011-4231-B9E4-7E7A0438F71B} Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CurVer Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities\CurVer@ CAPICOM.Utilities.1 Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1@ Utilities Class Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1\CLSID Reg HKLM\SOFTWARE\Classes\CAPICOM.Utilities.1\CLSID@ {22A85CE1-F011-4231-B9E4-7E7A0438F71B} Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog@ DWUpdateService Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog\CLSID Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog\CLSID@ {F1522EC1-F84F-4CE2-A38C-F9384B0DFD41} Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1@ DWUpdateService Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1\CLSID Reg HKLM\SOFTWARE\Classes\DWUpdateService.ActivityLog.1\CLSID@ {F1522EC1-F84F-4CE2-A38C-F9384B0DFD41} Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent@ DWUpdateService Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent\CLSID Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent\CLSID@ {FFF2D28F-E4EE-44D9-8104-8E71556757F6} Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1@ DWUpdateService Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1\CLSID Reg HKLM\SOFTWARE\Classes\DWUpdateService.Agent.1\CLSID@ {FFF2D28F-E4EE-44D9-8104-8E71556757F6} Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent@ InstallShield Update Service Agent Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent\CLSID Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent\CLSID@ {2837E0FE-686B-4CB0-BE53-0EA097EAF71B} Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1@ InstallShield Update Service Agent Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1\CLSID Reg HKLM\SOFTWARE\Classes\DWUSWebAgent.WebAgent.1\CLSID@ {2837E0FE-686B-4CB0-BE53-0EA097EAF71B} Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML@ PML Class Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML\CLSID Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML\CLSID@ {88721C50-BC58-11D3-A99D-81EAEC5E8E45} Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1@ PML Class Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1\CLSID Reg HKLM\SOFTWARE\Classes\Hpbmiapi.PML.1\CLSID@ {88721C50-BC58-11D3-A99D-81EAEC5E8E45} Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList@ VarBindList Class Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList\CLSID Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList\CLSID@ {88721C4D-BC58-11D3-A99D-81EAEC5E8E45} Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1@ VarBindList Class Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1\CLSID Reg HKLM\SOFTWARE\Classes\Hpbmiapi.VarBindList.1\CLSID@ {88721C4D-BC58-11D3-A99D-81EAEC5E8E45} Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro@ HP Port Resolve Class Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro\CLSID Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro\CLSID@ {5A5AA0AA-1DEB-4683-96B0-B43301E83971} Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1@ HP Port Resolve Class Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1\CLSID Reg HKLM\SOFTWARE\Classes\HPPortResolver.hpbpro.1\CLSID@ {5A5AA0AA-1DEB-4683-96B0-B43301E83971} Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID@ HPBOID Class Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID\CLSID Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID\CLSID@ {D713F357-7920-4B91-9EB6-49054709EC7A} Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1@ HPBOID Class Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1\CLSID Reg HKLM\SOFTWARE\Classes\HPStatusServer.HPBOID.1\CLSID@ {D713F357-7920-4B91-9EB6-49054709EC7A} Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID@ {0F195FA1-CCF0-11D2-8B20-00A0C93CB1F4} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader@ Downloader Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader\CLSID@ {E9A93328-79D4-4AED-A778-146E7191F8BC} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1@ Downloader Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Downloader.1\CLSID@ {E9A93328-79D4-4AED-A778-146E7191F8BC} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError@ DownloadError Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError\CLSID@ {623E415A-22EF-4DAA-A2FF-E68E77A673C9} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1@ DownloadError Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadError.1\CLSID@ {623E415A-22EF-4DAA-A2FF-E68E77A673C9} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager@ DownloadManager Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CLSID@ {E50C953D-311A-481B-8F8D-C55E65AF7417} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CurVer Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager\CurVer@ ISDownloadManager.DownloadManager.1 Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1@ DownloadManager Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.DownloadManager.1\CLSID@ {E50C953D-311A-481B-8F8D-C55E65AF7417} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File@ File Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File\CLSID@ {915C2CEB-216B-4B7C-89E4-9ED3512D58D9} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1@ File Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.File.1\CLSID@ {915C2CEB-216B-4B7C-89E4-9ED3512D58D9} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files@ Files Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files\CLSID@ {92C5E738-7372-4CD6-BE57-15833624EBF3} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1@ Files Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Files.1\CLSID@ {92C5E738-7372-4CD6-BE57-15833624EBF3} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job@ Job Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job\CLSID@ {9CAAD2EA-177B-4D07-871F-47255B5D30F3} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1@ Job Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Job.1\CLSID@ {9CAAD2EA-177B-4D07-871F-47255B5D30F3} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs@ Jobs Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs\CLSID@ {B391A1DB-28C8-4506-A43C-5BD6051F16BA} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1@ Jobs Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.Jobs.1\CLSID@ {B391A1DB-28C8-4506-A43C-5BD6051F16BA} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator@ ProgressCalculator Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator\CLSID@ {621D3650-F1D3-414C-97F9-03A02B211261} Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1@ ProgressCalculator Class Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1\CLSID Reg HKLM\SOFTWARE\Classes\ISDownloadManager.ProgressCalculator.1\CLSID@ {621D3650-F1D3-414C-97F9-03A02B211261} Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10@ InstallShield InstallDriver String Table Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10\CLSID Reg HKLM\SOFTWARE\Classes\ISInstallDriver.StringTable.10\CLSID@ {AF0996A6-75B5-457D-B417-49B5FBF97E73} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp@ MSPRDeviceApp Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CLSID@ {58954BCB-A287-407B-90FA-8A8C82A86D9C} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CurVer Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp\CurVer@ MSPRPIPE.MSPRDeviceApp.1 Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1@ MSPRDeviceApp Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRDeviceApp.1\CLSID@ {58954BCB-A287-407B-90FA-8A8C82A86D9C} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser@ MSPRSourceParser Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CLSID@ {39027B6E-76F9-47F2-882F-72B4458FCF9B} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CurVer Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser\CurVer@ MSPRPIPE.MSPRSourceParser.1 Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1@ MSPRSourceParser Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRSourceParser.1\CLSID@ {39027B6E-76F9-47F2-882F-72B4458FCF9B} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData@ MSPRTransferData Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CLSID@ {4114CD5B-25EC-4A3D-96CB-93FABD65691F} Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CurVer Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData\CurVer@ MSPRPIPE.MSPRTransferData.1 Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1@ MSPRTransferData Class Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1\CLSID Reg HKLM\SOFTWARE\Classes\MSPRPIPE.MSPRTransferData.1\CLSID@ {4114CD5B-25EC-4A3D-96CB-93FABD65691F} Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider@ MSPRProvider Class Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CLSID Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CLSID@ {4E8200A7-DCF2-43F6-B55D-DCCEDF8DF272} Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CurVer Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider\CurVer@ MSPRSDK.MSPRProvider.1 Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1@ MSPRProvider Class Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1\CLSID Reg HKLM\SOFTWARE\Classes\MSPRSDK.MSPRProvider.1\CLSID@ {4E8200A7-DCF2-43F6-B55D-DCCEDF8DF272} Reg HKLM\SOFTWARE\Classes\OmniPage.Document@ OmniPage Document Reg HKLM\SOFTWARE\Classes\OmniPage.Document\CLSID Reg HKLM\SOFTWARE\Classes\OmniPage.Document\CLSID@ {C052D721-7FE1-11D3-8015-00A0C98D3E7F} Reg HKLM\SOFTWARE\Classes\OmniPage.Document\DefaultIcon Reg HKLM\SOFTWARE\Classes\OmniPage.Document\DefaultIcon@ C:\Windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\_05889BD9_A033_43B1_A004_42D207E6469E,0 Reg HKLM\SOFTWARE\Classes\OmniPage15@ OmniPage15 Reg HKLM\SOFTWARE\Classes\OmniPage15\CLSID Reg HKLM\SOFTWARE\Classes\OmniPage15\CLSID@ {899BB9A8-C92B-4373-98C4-10E8AB297DCA} Reg HKLM\SOFTWARE\Classes\OmniPage15\DefaultIcon Reg HKLM\SOFTWARE\Classes\OmniPage15\DefaultIcon@ C:\Windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\_7D8B90FC_26C4_47BC_BD44_82AF4DCE0C22,0 Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}@(Default ISSBkgdUpdate Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}\ProxyStubClsid32 Reg HKLM\SOFTWARE\Classes\{5B2CA9AA-CF01-47EC-937B-B93F67859FD4}\ProxyStubClsid32@(Default) {00020420-0000-0000-C000-000000000046} ---- EOF - GMER 1.0.15 ---- [/log] [color=green]//Punkt 5. Regulaminu działu: "Logi wstawiamy w tagi [log ] [/log ] (bez spacji)" //Mateusz J.[/color]
wirusolog komentarz 28 czerwca 2011 komentarz 28 czerwca 2011 [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code] :Files C:\Users\asus\AppData\Local\Temp*.html C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-4155598054-209487190-4116858441-1000.job :Commands [clearallrestorepoints] [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. [b]2.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.
sebas135 komentarz 28 czerwca 2011 Autor komentarz 28 czerwca 2011 [log]http://wklej.org/id/554240/[/log] OTL [log]http://wklej.org/id/554241/[/log] raport
wirusolog komentarz 29 czerwca 2011 komentarz 29 czerwca 2011 [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code] :Files C:\Users\asus\AppData\Local\Temp*.html :OTL SRV - File not found [Auto | Stopped] -- -- (WMPNetworkSvc) [/code] Klik w [b]Wykonaj Skrypt[/b]. [b]2.[/b] W OTL wciśnij przycisk [b]Sprzątanie[/b]. [b]3.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy).
sebas135 komentarz 29 czerwca 2011 Autor komentarz 29 czerwca 2011 MBAM już robiłem kilka dni temu:) Najwyżej powtórzę. Przyjrzałem się wczoraj usługą i z tego co widzę to duże zużycie procesora powoduje svchost.exe do którego podpięty jest klient dns i rozpoznawanie lokalizacji w sieci. Jest jakaś możliwość coś z nimi zrobić ? Czytałem ze rozpoznawanie można ponoć wyłaczyć ale u mnie to powoduje jakieś błedy w internecie (według ikony na pasku start mam ograniczony dostęp natomiast w przegladarce wszystko chodzi ok).
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.